From d08a53df85261c993049bd2cdf5bfc141f83e390 Mon Sep 17 00:00:00 2001 From: codex-server Date: Sat, 2 May 2026 03:09:45 -0300 Subject: [PATCH] auto-sync: tudo-para-ia-mais-humana 2026-05-02 03:09:44 --- ...route-acceptance-central-write-status.json | 15 + .../mcp-admin-route-acceptance-compacto.json | 12766 ++ dados/mcp-admin-route-acceptance.json | 108293 +++++++++++++++ ...ay-access-policy-central-write-status.json | 2 +- dados/mcp-gateway-access-policy.json | 10 +- ...publication-gate-central-write-status.json | 2 +- dados/mcp-publication-gate-mais-humana.json | 22 +- ...geted-sync-audit-central-write-status.json | 2 +- dados/targeted-sync-audit.json | 20 +- ...orkspace-hygiene-central-write-status.json | 2 +- dados/workspace-hygiene-report.json | 10 +- ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md | 520 + ecossistema/MCP-GATEWAY-ACCESS-POLICY.md | 4 +- .../MCP-PUBLICATION-GATE-MAIS-HUMANA.md | 8 +- ecossistema/TARGETED-SYNC-AUDIT.md | 10 +- ecossistema/WORKSPACE-HYGIENE-REPORT.md | 8 +- matrizes/mcp-admin-route-acceptance.csv | 911 + matrizes/mcp-publication-gate-decisions.csv | 2 +- matrizes/targeted-sync-audit.csv | 6 +- matrizes/workspace-hygiene-targets.csv | 2 +- src/mais_humana/central_materialization.py | 862 + src/mais_humana/cli.py | 20 + .../generated_mcp_admin_route_acceptance.py | 26403 ++++ tests/test_central_materialization.py | 59 + tests/test_mcp_admin_route_acceptance.py | 74 + 25 files changed, 149976 insertions(+), 57 deletions(-) create mode 100644 dados/mcp-admin-route-acceptance-central-write-status.json create mode 100644 dados/mcp-admin-route-acceptance-compacto.json create mode 100644 dados/mcp-admin-route-acceptance.json create mode 100644 ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md create mode 100644 matrizes/mcp-admin-route-acceptance.csv create mode 100644 src/mais_humana/central_materialization.py create mode 100644 src/mais_humana/generated_mcp_admin_route_acceptance.py create mode 100644 tests/test_central_materialization.py create mode 100644 tests/test_mcp_admin_route_acceptance.py diff --git a/dados/mcp-admin-route-acceptance-central-write-status.json b/dados/mcp-admin-route-acceptance-central-write-status.json new file mode 100644 index 0000000..0b0f2d2 --- /dev/null +++ b/dados/mcp-admin-route-acceptance-central-write-status.json @@ -0,0 +1,15 @@ +{ + "centralPlatformFolder": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform", + "failures": [ + { + "error": "PermissionError: [Errno 13] Permission denied: 'G:\\\\_codex-git\\\\nucleo-gestao-operacional\\\\central-de-ordem-de-servico\\\\projects\\\\15_repo_tudo-para-ia-mais-humana-platform\\\\reports\\\\EXECUTADO__mcp-admin-route-acceptance.md'", + "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\EXECUTADO__mcp-admin-route-acceptance.md" + }, + { + "error": "PermissionError: [Errno 13] Permission denied: 'G:\\\\_codex-git\\\\nucleo-gestao-operacional\\\\central-de-ordem-de-servico\\\\projects\\\\15_repo_tudo-para-ia-mais-humana-platform\\\\indexes\\\\mcp-admin-route-acceptance-index.md'", + "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\indexes\\mcp-admin-route-acceptance-index.md" + } + ], + "generatedAt": "2026-05-02T06:06:50+00:00", + "ok": false +} \ No newline at end of file diff --git a/dados/mcp-admin-route-acceptance-compacto.json b/dados/mcp-admin-route-acceptance-compacto.json new file mode 100644 index 0000000..3d43917 --- /dev/null +++ b/dados/mcp-admin-route-acceptance-compacto.json @@ -0,0 +1,12766 @@ +{ + "blockedCases": 65, + "cases": [ + { + "evidenceId": "evidence-ad52ab3aec8c146ff3726b2d", + "humanNextAction": "homologar rota administrativa acao para business/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "administrador_empresa", + "routeId": "business.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d082c395fdaf1f2b7f4477634fefea03d68c34daa50caffe9869d4f764ede499", + "sourceRecordsHash": "ad52ab3aec8c146ff3726b2d3906e7a5c070939751f6dc09bd22113e142f679b", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-10ecf5e6942e1370acc44c11", + "humanNextAction": "homologar rota administrativa auditoria para business/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "administrador_empresa", + "routeId": "business.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f1d17c2b19d9d7bb48a99f9391cb7ac5b8acaa85685f52cb4942630f38f6d32b", + "sourceRecordsHash": "10ecf5e6942e1370acc44c11aa79e655a5d324ea8e445a1a233fee9f676802e5", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-587d659a4c282c7715078021", + "humanNextAction": "homologar rota administrativa consulta para business/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "administrador_empresa", + "routeId": "business.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "505b2b794fc430bbc76e80c11cb59f484d6c44f2f1331a74edaef872d15d4e38", + "sourceRecordsHash": "587d659a4c282c7715078021a91d62105284097dade620bc969161477b89401b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c7ded42ea265be003bb113b6", + "humanNextAction": "homologar rota administrativa diagnostico para business/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "administrador_empresa", + "routeId": "business.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3e6d2ec5d40f72aa001a6da61d26cdb3db6112a01dd2d4a567c6abce7f56fbdd", + "sourceRecordsHash": "c7ded42ea265be003bb113b601771a1eb6f5fce906f2fe52923762812891a238", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-63d6d7de2ac68232ac3c862c", + "humanNextAction": "homologar rota administrativa explicacao para business/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "administrador_empresa", + "routeId": "business.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "051170ee6954b9e724eaae7fef4cb0bb8ed88d39c33dbfacc384c58ea0ff1f9a", + "sourceRecordsHash": "63d6d7de2ac68232ac3c862ce9684c9d5ef7e2441f4f4b16ff2404ca344fa0cd", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7c7be84ac6782615dfeb38d9", + "humanNextAction": "homologar rota administrativa acao para business/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "atendimento_cliente", + "routeId": "business.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1299a53220e003a76a84268297f5a7228d02dce16a07ae3d39a77d0ffc89f1d6", + "sourceRecordsHash": "7c7be84ac6782615dfeb38d9e02b86f0ad0deaf2363267c1194d21093dbed20f", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4e8c564a2d995bc53735548e", + "humanNextAction": "homologar rota administrativa auditoria para business/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "atendimento_cliente", + "routeId": "business.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "57beddad77228c21b6036b410547ade91a1057e7e891838a95863368941bf50a", + "sourceRecordsHash": "4e8c564a2d995bc53735548efabfe94d75a5b51ba45c1ea1e13a44858fe03bf3", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7edecd401588f6ec8c809e03", + "humanNextAction": "homologar rota administrativa consulta para business/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "atendimento_cliente", + "routeId": "business.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "fc9ad6aadbd39a5aa8fb4444e49779f54202462e0d9b7c86e36edaf39383640d", + "sourceRecordsHash": "7edecd401588f6ec8c809e03321d2da8922c5453f10737c591d1ab93b90ef7a8", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0d6b7f9fd95b804d2c99c89d", + "humanNextAction": "homologar rota administrativa diagnostico para business/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "atendimento_cliente", + "routeId": "business.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "c6a4c1161a4ab3ddf0cdab419e336e869d4c3f598724e9fa6075c11563daee32", + "sourceRecordsHash": "0d6b7f9fd95b804d2c99c89daf94687c8399c57f9da494fd711d39269d68c5a9", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8efd2d3db8c8e36d1737e931", + "humanNextAction": "homologar rota administrativa explicacao para business/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "atendimento_cliente", + "routeId": "business.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0bdee52d0d0fa434a2bd5c0cbd79521b962f3b1eaff978b92fa727107b6a108e", + "sourceRecordsHash": "8efd2d3db8c8e36d1737e9314fec019577b0745cfb233c570d63e2858eb2e70f", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8663f918eaf543ba853f6b17", + "humanNextAction": "homologar rota administrativa acao para business/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "ceo", + "routeId": "business.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "bd976d4fd2ff57008416461108920c388cea94b1fad993e1176a20097d00d59c", + "sourceRecordsHash": "8663f918eaf543ba853f6b17f0e5f53f7f0873de4cdc3d32a18f6734fd71aa11", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8626f5e4b0fab4f7034f59d5", + "humanNextAction": "homologar rota administrativa auditoria para business/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "ceo", + "routeId": "business.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0a7868bfb78b8f713f91492f7a35e282ad970ac87fab3f974b30559fa7920826", + "sourceRecordsHash": "8626f5e4b0fab4f7034f59d586be22c3cb631c08f361f9083eb72c423f7ba05f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-a1b5c73faabc9adb8acba4f6", + "humanNextAction": "homologar rota administrativa consulta para business/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "ceo", + "routeId": "business.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e4076ddc0cd4f5445f4a832bdb9b77833fe512f036470298afa797fba9a0fb04", + "sourceRecordsHash": "a1b5c73faabc9adb8acba4f6a561d519eefe768a025223d7417f0a537819d53f", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-97bf7c4fef545240d91a0d67", + "humanNextAction": "homologar rota administrativa diagnostico para business/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "ceo", + "routeId": "business.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3801b57510c00a1fce40adfc5b8aba77782931a56baae50f84ff3e95dc28ef10", + "sourceRecordsHash": "97bf7c4fef545240d91a0d6794c9ca8989fce742216f4e8daa7f2394ae451a6a", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4910d766c7e8e6539ed20de3", + "humanNextAction": "homologar rota administrativa explicacao para business/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "ceo", + "routeId": "business.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "677e2c9b2e1073a561244cb1452b056cb0c27aef03fc92b54e7efc4033de969e", + "sourceRecordsHash": "4910d766c7e8e6539ed20de3ccc4d8fb629d43766d5a8873ae5926ea9840e161", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-99b8fc9b9bb54a227950015d", + "humanNextAction": "homologar rota administrativa acao para business/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "cliente_externo", + "routeId": "business.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "58d8e5ba1a5694d277ef196e48bc5bee57278b98eba53ee04a5fe88034705039", + "sourceRecordsHash": "99b8fc9b9bb54a227950015d1c8ad52f9be0a93270a1029f2584c3c013dc9fac", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-432a6b6a41e60ad56931f6d8", + "humanNextAction": "homologar rota administrativa auditoria para business/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "cliente_externo", + "routeId": "business.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5b93e10b9bf98b0bd18a6478cf62fd3b812bca7176a6b46ab1a07fa546c3e15f", + "sourceRecordsHash": "432a6b6a41e60ad56931f6d8e9fb78cd128d8a92807d6a13b4f2385fbc69a1f8", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-dfbddc7a711dcfb103a8f023", + "humanNextAction": "homologar rota administrativa consulta para business/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "cliente_externo", + "routeId": "business.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4a9fb634f6a22c6a0244b1af53e9073d3d0e16de68085e0856cca49d84535f30", + "sourceRecordsHash": "dfbddc7a711dcfb103a8f023f9bb71bbde77529691b40420f2a60ac6a79e6daf", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4ed9ff47ee3fd85464663f24", + "humanNextAction": "homologar rota administrativa diagnostico para business/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "cliente_externo", + "routeId": "business.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "4cc11e419ea2d351bf24969c0069e96e5148bd9cb3d3a7c22402a1fa96bc51a3", + "sourceRecordsHash": "4ed9ff47ee3fd85464663f242a336dbf1bcc161e8bffd89146216ec6b905165a", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-ed3386af31a57e0f1e8a85e1", + "humanNextAction": "homologar rota administrativa explicacao para business/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "cliente_externo", + "routeId": "business.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "604dc75b46fbffb86e5dc75e35f1568765d4df639d8d2fe40c9ced7d260b81a9", + "sourceRecordsHash": "ed3386af31a57e0f1e8a85e10e3050fe5a841734ca81d6de175576488f3130bf", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-3952a88a55a389ba02c94786", + "humanNextAction": "homologar rota administrativa acao para business/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "contador", + "routeId": "business.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "697740da52ce2b2d2099c814cd0ee8327d2ee05c2efe4fe533c5989f8d42336c", + "sourceRecordsHash": "3952a88a55a389ba02c94786f29715a10558b2abe2b7b0895a9da9b4147e9dc3", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6551171148e282da243a88c9", + "humanNextAction": "homologar rota administrativa auditoria para business/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "contador", + "routeId": "business.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b181759443f41b750ca3fd10486d6cbf6fca84e03be9065784bd0faa77a477f7", + "sourceRecordsHash": "6551171148e282da243a88c951c4f1d66078ecb2300e1c8bb352d428f593e833", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4854f96ae070f53c5b63c43b", + "humanNextAction": "homologar rota administrativa consulta para business/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "contador", + "routeId": "business.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c677323d17cd37326c2234178b1f388211236ef398db2923a405642528fa5081", + "sourceRecordsHash": "4854f96ae070f53c5b63c43b7f39746cb76122fb668238776e4ac1aa97f06f90", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-2cc3eeed20f5d3fc9be99343", + "humanNextAction": "homologar rota administrativa diagnostico para business/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "contador", + "routeId": "business.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ab52203f77d128852c2737c5ba76cd6a7cf198037c138087de58be0707d87158", + "sourceRecordsHash": "2cc3eeed20f5d3fc9be99343572adb4b81ef9398cc390649a63fb87d1ea38e50", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-748749eeb561e01ef20005bb", + "humanNextAction": "homologar rota administrativa explicacao para business/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "contador", + "routeId": "business.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d2de3b3c80a999b0c23b9f9363bdbd4bce3eae2021f6277fbb589ebe46f07ae7", + "sourceRecordsHash": "748749eeb561e01ef20005bbb8f5dddb0401bfd169b38d0fcd8cd79f1cbd1481", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e51c9666ddd06faef25356ba", + "humanNextAction": "homologar rota administrativa acao para business/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "financeiro", + "routeId": "business.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9ded2208c5b89a90b5f852c853c4dfe050dc94b2ced5acdeb2575421f6542338", + "sourceRecordsHash": "e51c9666ddd06faef25356baa2a8c4ed1e5ac463ec8477b08ccc55095d49e691", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ccfd442014b522c5856ea9a8", + "humanNextAction": "homologar rota administrativa auditoria para business/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "financeiro", + "routeId": "business.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c1f723dba88341dd49d5cf1407b40a229a1b816c2934d28e13420e6947822883", + "sourceRecordsHash": "ccfd442014b522c5856ea9a89e654639a4e3f68767557971a4c1c76f4906fe38", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-149d50ebaae9e2bae7355a28", + "humanNextAction": "homologar rota administrativa consulta para business/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "financeiro", + "routeId": "business.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "6b22bc7ac53a244090bbebe81dde295aa190863ea735111fa1ad3d7c326baa69", + "sourceRecordsHash": "149d50ebaae9e2bae7355a2829485bc4fa962870a219ff89815c21a86da9ab16", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-694117dd77a32806ecc05dce", + "humanNextAction": "homologar rota administrativa diagnostico para business/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "financeiro", + "routeId": "business.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d83fc6883a3ace99ce943643c36d71f3d85da960334b5c938f703c961165c78c", + "sourceRecordsHash": "694117dd77a32806ecc05dce5960efba850636030431335b560ad00c0f571505", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fbd8f174adb84d168c76abc2", + "humanNextAction": "homologar rota administrativa explicacao para business/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "financeiro", + "routeId": "business.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "273dca5b760363ef6e697dc9e2dd31151d2c51680b8abba03e2bdbe6d3031c02", + "sourceRecordsHash": "fbd8f174adb84d168c76abc2de111d9c0acebbce815f045c7127d0d5da344f7d", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8343bb447358e74b5ecfa543", + "humanNextAction": "homologar rota administrativa acao para business/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "gestor_operacional", + "routeId": "business.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3f31ac2d41d4dfdba7ee36d2c6f58ec8b9e19b9486ca775f23b46ad23df4d508", + "sourceRecordsHash": "8343bb447358e74b5ecfa5432e66829be95bfd896fc9eb54697f4be647723207", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b3a23a04fbfaeefa95b09e65", + "humanNextAction": "homologar rota administrativa auditoria para business/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "gestor_operacional", + "routeId": "business.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "47df57dd789b154361b86a88253d2f48e8c72875f460a09562463693c82ebd7d", + "sourceRecordsHash": "b3a23a04fbfaeefa95b09e65e5b43b79a3314d81223a68b6e2b138c12201d97b", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9869f60d582b7641ac3b4dd9", + "humanNextAction": "homologar rota administrativa consulta para business/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "gestor_operacional", + "routeId": "business.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f5e9f4aa859f9dcb462a6abb0a0adce18f592f6ad500f5526e25337e98c0cc10", + "sourceRecordsHash": "9869f60d582b7641ac3b4dd99a3d438eadfaa980d381ab9e55f9046c85b88756", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-7be9f47cb88e75fb8f69233f", + "humanNextAction": "homologar rota administrativa diagnostico para business/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "gestor_operacional", + "routeId": "business.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0457ff11d12150c4f235959ea067d88a3e464f0b987734c80f62eb967cebb1e3", + "sourceRecordsHash": "7be9f47cb88e75fb8f69233fbedc23c50f7dd7215b0d223d1dff44488f2be535", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-abde2bf9dad152aadfdffc7e", + "humanNextAction": "homologar rota administrativa explicacao para business/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "gestor_operacional", + "routeId": "business.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0a62ee4f4b2aefab5a41b7e6030af8ea8f65eb7982cc216b121a91116b252a21", + "sourceRecordsHash": "abde2bf9dad152aadfdffc7e80d91af8fe9c2b7385e5c4f49373e91985922d35", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8be1ae4a33a9739b2c85887d", + "humanNextAction": "homologar rota administrativa acao para business/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "juridico", + "routeId": "business.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "634014b193236b09e334ddf0f444aa602ee0ae343db39b20a1135ae7cf826d3f", + "sourceRecordsHash": "8be1ae4a33a9739b2c85887d7069cf90117cac8f23d290395145bf075e8cb24b", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-a72cb70547a448771ad3ee97", + "humanNextAction": "homologar rota administrativa auditoria para business/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "juridico", + "routeId": "business.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "40850bcebd6cad4bab4f99415f55558489619aa981b16efa8d875aa8faa886ba", + "sourceRecordsHash": "a72cb70547a448771ad3ee9769f9861eb92cd0b9e55fae2faf5888876cd23d33", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-cd4d3d5472947cbbf54e313e", + "humanNextAction": "homologar rota administrativa consulta para business/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "juridico", + "routeId": "business.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "22a48bf8a21a63667dd7fc744ff0f9bf42db069fdd6a6992a92c9d21fbb8a5cf", + "sourceRecordsHash": "cd4d3d5472947cbbf54e313ee3c8f99c9767e1528387942a479381cf39613a1e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d84aa405d12bd4d3a52e0f62", + "humanNextAction": "homologar rota administrativa diagnostico para business/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "juridico", + "routeId": "business.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "c42d91e49a4c3407da6d3a3f591373c16854cc615ac1332403fb0e0785eaddd2", + "sourceRecordsHash": "d84aa405d12bd4d3a52e0f62426977506d8c06a41a379b4d8967ce62e1505fec", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1406eecf16ebedce04528310", + "humanNextAction": "homologar rota administrativa explicacao para business/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "juridico", + "routeId": "business.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "5c4f8e636cfdc0e9292449069105a98ec8c1344b1fdd74ef34654aad233b6479", + "sourceRecordsHash": "1406eecf16ebedce04528310b3455deff78fa558e82d68f0fe6e56ee66505087", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ee7fa3972d690dad1a9f6be2", + "humanNextAction": "homologar rota administrativa acao para business/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "planejamento_estrategico", + "routeId": "business.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f7e8e4c4c31a2e20380fb12b1f766eb22d5d1e8b08a6c194d03bd63478b2cbce", + "sourceRecordsHash": "ee7fa3972d690dad1a9f6be2c04087650b3fedc69225caee29576467b700246c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-0c08c37c640031563180c4c9", + "humanNextAction": "homologar rota administrativa auditoria para business/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "planejamento_estrategico", + "routeId": "business.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0c22db82eb615c3001b9ffee3609aece9153901ebea7bd23636c1de1e6bf10b1", + "sourceRecordsHash": "0c08c37c640031563180c4c90e9dbb2eaffab2bc4e69ec55813462fd9be2b74a", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-42e6ef74d938c77746cdb72c", + "humanNextAction": "homologar rota administrativa consulta para business/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "planejamento_estrategico", + "routeId": "business.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "9fac3e1a4657e07c1223141991db2329561d479767987e414562b4038dc0bce0", + "sourceRecordsHash": "42e6ef74d938c77746cdb72c54a5b985bc53a008eb49d33d2b3b828b52a6d52c", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a636fc25bd02c4ffb16c6962", + "humanNextAction": "homologar rota administrativa diagnostico para business/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "planejamento_estrategico", + "routeId": "business.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f3d46d3c766433b2b08fba4d7245e64557f64c2a8ce9d71686a33b168b742ac7", + "sourceRecordsHash": "a636fc25bd02c4ffb16c6962b10db9aa8e1219e3ce9e0fbc2e887132e581d994", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-390f4acf1816ed6b560751a4", + "humanNextAction": "homologar rota administrativa explicacao para business/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "planejamento_estrategico", + "routeId": "business.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "50547d17b2d54668f7b25efde5a71ee7bbdc3e2c7c33710dad5942d558d3ece7", + "sourceRecordsHash": "390f4acf1816ed6b560751a4d2a991b8d8aa09205711197418e2d1ed8f097c19", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9e23c6cdbe89617a2dde08e0", + "humanNextAction": "homologar rota administrativa acao para business/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "secretaria", + "routeId": "business.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "766fc9009d91e93cc458b18215273f9c453def3152c4a9db70a8f8ddda8b1059", + "sourceRecordsHash": "9e23c6cdbe89617a2dde08e0d6af6e98487c73a8cadd5f5360eadfd40f55d7c2", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-45083e2a5123c61a5547e5c9", + "humanNextAction": "homologar rota administrativa auditoria para business/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "secretaria", + "routeId": "business.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "89d81c59e668aa4387e029625ad43defd3dfac9ab0e2aacd9c737a24e07415c5", + "sourceRecordsHash": "45083e2a5123c61a5547e5c94c0a9d3878bbf79411db564a040ec747624df9f9", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5621cbe62605d3c619f2f2b3", + "humanNextAction": "homologar rota administrativa consulta para business/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "secretaria", + "routeId": "business.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "44de917b6700e25c5f9b43c99622d0c99e0b84ec99a2f7099039f90b1be11652", + "sourceRecordsHash": "5621cbe62605d3c619f2f2b33c22331088e601df155f71c5f34263b90be6aa38", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e8987454edc7c9c674750669", + "humanNextAction": "homologar rota administrativa diagnostico para business/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "secretaria", + "routeId": "business.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d21a33cd8abfe2a18799a8fb4b359fd62e11cc37e7fa6c85c7289b754a03155c", + "sourceRecordsHash": "e8987454edc7c9c67475066980f85901a8c8ff75fb949eca396b6277fded2de2", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6f5bef2eb928bbad1f1065c0", + "humanNextAction": "homologar rota administrativa explicacao para business/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "secretaria", + "routeId": "business.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2f5e03b13e7fe4ccf6661e8155f94be741ab64a340c430fdbe2a6ca5e47dc6a3", + "sourceRecordsHash": "6f5bef2eb928bbad1f1065c0f27afca4d35a1cfb740838db9f99829f08d276c4", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-029f16f1af46ae6578c54d12", + "humanNextAction": "homologar rota administrativa acao para business/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "suporte", + "routeId": "business.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6d9c7569c3da3af47c2c2fda8773dd513a89bc59da97fd8dd2f5e26eadb02588", + "sourceRecordsHash": "029f16f1af46ae6578c54d12ce061b7aae60e225c27592ab797f3b5766e733aa", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-237e8bbe3e47bbb682b5ea44", + "humanNextAction": "homologar rota administrativa auditoria para business/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "suporte", + "routeId": "business.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "478bc822ed17caf9ef0671500548b286cea7f2634395af307fec427e614b3238", + "sourceRecordsHash": "237e8bbe3e47bbb682b5ea4489ee557ebb9e9aa73d110ebb0ca9a3110e7ac77e", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c66881c2529beb1c3187927b", + "humanNextAction": "homologar rota administrativa consulta para business/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "suporte", + "routeId": "business.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "238823299ae492c5d8cb41b191d0d411fa55372d9de17ec7a42289e9026dafaa", + "sourceRecordsHash": "c66881c2529beb1c3187927b804d0134d952ea899a77a869096f4dcabeceb61e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a00b226d05e4c8d75f5d85f3", + "humanNextAction": "homologar rota administrativa diagnostico para business/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "suporte", + "routeId": "business.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6e28c54505db5e693e497f2249733c3cf9b284501f1a89b8f1a55755a57678bc", + "sourceRecordsHash": "a00b226d05e4c8d75f5d85f3088e952b5dea00881377106be1e8f31ff7c38e17", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d79ebee53e8c208df54686a9", + "humanNextAction": "homologar rota administrativa explicacao para business/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "suporte", + "routeId": "business.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0273e099dd149aae8764512482be06acd6d39a533f47e2de10f8eda0c2c9aec3", + "sourceRecordsHash": "d79ebee53e8c208df54686a99ca73e197368a3608e75f2f8262b44cd8698be5a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-883daaaa95091e12b865b607", + "humanNextAction": "homologar rota administrativa acao para business/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "tecnico", + "routeId": "business.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ee8f8441cb4ec10f744f1ff7c706bfc1339a26d542f434c3b69f3ac7bda783ed", + "sourceRecordsHash": "883daaaa95091e12b865b607fc0a3eaa089b8ac99b15a23ed550be78930f2c90", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-674a5a24f73ed1dfd48eae49", + "humanNextAction": "homologar rota administrativa auditoria para business/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "tecnico", + "routeId": "business.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "97251a36202e64d62be66b3c7273bb7145cdc18d7b87d5bb71433617404e0a4e", + "sourceRecordsHash": "674a5a24f73ed1dfd48eae4909ea2497ca20cdd275dc5af73a0d7388f64f90a6", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-432c72168bf314152e9bdf8e", + "humanNextAction": "homologar rota administrativa consulta para business/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "tecnico", + "routeId": "business.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "868391193e158cecf2b60dd5103eec767673cfe482bec3b17b0775dd29141467", + "sourceRecordsHash": "432c72168bf314152e9bdf8e6ac71c2ed29ec44e51c8f5e8dc7ed984fdd5fc77", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-faeee54c17c05c63d6eb6b88", + "humanNextAction": "homologar rota administrativa diagnostico para business/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "tecnico", + "routeId": "business.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "512fc59c88fa6975e5a7ae98705fa5cd6364fd0cd99359e86c846d1626cc42a8", + "sourceRecordsHash": "faeee54c17c05c63d6eb6b88ceddd7ebcc6459e77ffc8fd04eab19a8db128dcf", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-07fba005b74fd872345c580b", + "humanNextAction": "homologar rota administrativa explicacao para business/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "tecnico", + "routeId": "business.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4658c8c10ffb48bb3294ee67cf2bc1e4a5f901f09bd961e5037cc45080ea39e8", + "sourceRecordsHash": "07fba005b74fd872345c580bc431147c6e5a9d9ed9674e4e4a388251bc83b760", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c6e6037125061adc5ed6736e", + "humanNextAction": "homologar rota administrativa acao para business/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "business", + "profileId": "usuario_final", + "routeId": "business.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6b3eb8aa4f54b00bd211376405143db02a567d35927e898e4d5267bc7303e97b", + "sourceRecordsHash": "c6e6037125061adc5ed6736eec4f2cedce977ad005f6cb4d254159641b9c5767", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-7a9c2f9fd20b59812fbf675f", + "humanNextAction": "homologar rota administrativa auditoria para business/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "business", + "profileId": "usuario_final", + "routeId": "business.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5b1b11c3d6ad27a010d235c5cfa01558a3a5d0f71a2cdbeea8f2065d2b3b255d", + "sourceRecordsHash": "7a9c2f9fd20b59812fbf675f1e2de204432632df64aacb6b1d03f4d14d734be9", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-6a25903178ca93b54c7673bf", + "humanNextAction": "homologar rota administrativa consulta para business/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "business", + "profileId": "usuario_final", + "routeId": "business.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a5025d532a44da0e6d9e4da6c636e7f9cc27883ce44f800576d35958323eeac7", + "sourceRecordsHash": "6a25903178ca93b54c7673bf1bc802abc154eeae371b1e75f9611e0f6e7f8d9a", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-552723b48fd546501370a743", + "humanNextAction": "homologar rota administrativa diagnostico para business/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "business", + "profileId": "usuario_final", + "routeId": "business.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "fe6610d90f27ef04d5ba4ba59e2bf0778b9ee5cca76fb2f4b277d1c1cd6af09d", + "sourceRecordsHash": "552723b48fd546501370a7435c30435deb90a951f584344a809188106fe44492", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-372fc021da7ae4a961bca34c", + "humanNextAction": "homologar rota administrativa explicacao para business/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "business", + "profileId": "usuario_final", + "routeId": "business.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ddb62b820a179439d794c7f6f29ad1924d6b54f0f94c5ced3324fff5073714db", + "sourceRecordsHash": "372fc021da7ae4a961bca34c31846443fabd45c151537d84dea4c2c2b847b8b2", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-421d97740c6c748241218cd9", + "humanNextAction": "homologar rota administrativa acao para compliance/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "administrador_empresa", + "routeId": "compliance.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "95610758d1f1275557afe68203eb62af7beec5a731b9e7f35fbfbf8dade2612d", + "sourceRecordsHash": "421d97740c6c748241218cd946d1854bb4aa7b2db1c0ce82167776c78ec0f48a", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-da71a08a14a5361908269daa", + "humanNextAction": "homologar rota administrativa auditoria para compliance/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "administrador_empresa", + "routeId": "compliance.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "61b73e9ecf392c5a570a4695ac647fbfb5d4a38f490a0b47cbb5f41d65d10dda", + "sourceRecordsHash": "da71a08a14a5361908269daac0c5b0781e6d401b8ad0764bfbc117a8b404f148", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5e1ee3a252953bb0ffa17332", + "humanNextAction": "homologar rota administrativa consulta para compliance/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "administrador_empresa", + "routeId": "compliance.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "865627e7c1446a86d098408d7d8e1aceab3814807f1da1041db23201d5c09103", + "sourceRecordsHash": "5e1ee3a252953bb0ffa17332db74de07be3b7dbcc183d682bda6b8499242349a", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d3d75fba0ce5ad7c088fabc2", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "administrador_empresa", + "routeId": "compliance.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "755e05dce5a5d3a00e28a1c2e34f9454eaca42f6b7a77d851bacea24cba04d7c", + "sourceRecordsHash": "d3d75fba0ce5ad7c088fabc226f39964182c7531d84c419f376f8c03d449fd63", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-30d751c14e86489cc2b32207", + "humanNextAction": "homologar rota administrativa explicacao para compliance/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "administrador_empresa", + "routeId": "compliance.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4b7866f85bdc939833d31499ddfcc0332522216e2036999564d99f4d45bda54e", + "sourceRecordsHash": "30d751c14e86489cc2b3220788ea451a7e5bd5d44b2968a284b77530bf99a38c", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a0e0d70a285e01aa52447123", + "humanNextAction": "homologar rota administrativa acao para compliance/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "atendimento_cliente", + "routeId": "compliance.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e01020978451ed2d9c5389ed2521bfe67bd0f6f7e1c4f50a2932e54047870ca9", + "sourceRecordsHash": "a0e0d70a285e01aa524471235dd54621797587cdd6811f45335a4c0caad85b28", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e6a362f1d2d20a36edfec854", + "humanNextAction": "homologar rota administrativa auditoria para compliance/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "atendimento_cliente", + "routeId": "compliance.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "36358ac5ef7513ff4824884eb281ae436c9d379d5192c38b0e0b001b69337f47", + "sourceRecordsHash": "e6a362f1d2d20a36edfec85462dc741a1330d58d3320179600074ece10b15b9d", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b55c69456db525ee2dbf1c8f", + "humanNextAction": "homologar rota administrativa consulta para compliance/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "atendimento_cliente", + "routeId": "compliance.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "403d748cf5f625357043f67e56f7d8eb5d56c535b1763438f70dbacb133dbd39", + "sourceRecordsHash": "b55c69456db525ee2dbf1c8f738617099ece60d035ed917cbbe17461a16bd05b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f88ddce83206fbf947371a12", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "atendimento_cliente", + "routeId": "compliance.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ef3a0b13c78b2f010fe647a815ea1cbfb56a38b4f23b9ded36cb0efe7cf28dbe", + "sourceRecordsHash": "f88ddce83206fbf947371a12f1f7db442474cec3cd52c2f7c1ad148ef876bb31", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6d9a659e6b5160cc17b38283", + "humanNextAction": "homologar rota administrativa explicacao para compliance/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "atendimento_cliente", + "routeId": "compliance.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "b74a380e59e50265f62523aa27e026ece831f7d8d12d5e9303dc476d7a60fc5d", + "sourceRecordsHash": "6d9a659e6b5160cc17b38283d90864aa07dc3491b4905b0d129ed8902fa2ad00", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-6fcfe225f146ea6387759298", + "humanNextAction": "homologar rota administrativa acao para compliance/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "ceo", + "routeId": "compliance.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2f574faf8ded0239bcc1c8f5c67df5e37b50cea317d0fec4055ab7be9a228758", + "sourceRecordsHash": "6fcfe225f146ea6387759298774419fac809f2b35b6cdbb87f86697ffe1429b1", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2a2a08255aa813ef65a426bd", + "humanNextAction": "homologar rota administrativa auditoria para compliance/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "ceo", + "routeId": "compliance.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fd8b68a0619ee11b00522147d0b7b8baaaf82a02387c302eec9d857507f63d57", + "sourceRecordsHash": "2a2a08255aa813ef65a426bd25e0d422f45cd938b6d5e6ce53969c2afe031ce5", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-992f04a502f6ddd9daf0b97b", + "humanNextAction": "homologar rota administrativa consulta para compliance/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "ceo", + "routeId": "compliance.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f823ab70acf3b849697d9300480d43e31e5a66908d4488e44261f02b43928110", + "sourceRecordsHash": "992f04a502f6ddd9daf0b97b9b18cde405df8db62d7b4c7ff364c32486f94a51", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-9738c928212fa58c6b0a53fc", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "ceo", + "routeId": "compliance.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b308b090526cb9a54d022358185b532def4a21f3a0609a9315db09c5eddde83d", + "sourceRecordsHash": "9738c928212fa58c6b0a53fcc42127980ffda0c1ec64c08283eba3f986fc9c6d", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d360c27674acf2dc72bf64f8", + "humanNextAction": "homologar rota administrativa explicacao para compliance/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "ceo", + "routeId": "compliance.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8d5a2f48af17495c73fbe090e748eb7420db742b1f06d014c20552685a1a9a08", + "sourceRecordsHash": "d360c27674acf2dc72bf64f8678f65de79f3c10c7ecbe733c0f2148ecf261dd9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-043eb1e6a85bfc8da961f435", + "humanNextAction": "homologar rota administrativa acao para compliance/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "cliente_externo", + "routeId": "compliance.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "438d9c7af33d986ec89d61252cbf4ee68a300c692f7e918b51b393f4c2c8283d", + "sourceRecordsHash": "043eb1e6a85bfc8da961f4358ce267f7d18fe93b613352f67ef09762c4917ff2", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fccdeeffbefda06bfc324d12", + "humanNextAction": "homologar rota administrativa auditoria para compliance/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "cliente_externo", + "routeId": "compliance.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4a24df0292527acbd75ee6599fc764f346cf58c156cf9f134816f8fdf2e29e40", + "sourceRecordsHash": "fccdeeffbefda06bfc324d122be0a52ac1ea52a4b57dd691e336cf9c934d686d", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-db5b3feefe77274a7ee958dd", + "humanNextAction": "homologar rota administrativa consulta para compliance/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "cliente_externo", + "routeId": "compliance.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a797d3c908d83e7ec274c484f2294c005485a9c155f17374d9a760ec7015c4cb", + "sourceRecordsHash": "db5b3feefe77274a7ee958dde60a934c9f0e84047f808746962a898396283ef4", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a7c2e4b1a1a9b7efccef8ef7", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "cliente_externo", + "routeId": "compliance.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "842485b47f1ded5d6dc50f3b3c566c52b1bdac7f2131373edaa8122f56f0b263", + "sourceRecordsHash": "a7c2e4b1a1a9b7efccef8ef75df07645fbfe2f61b4f9e3df6e7b6fa67743b123", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0769489680cf26dec1527f6e", + "humanNextAction": "homologar rota administrativa explicacao para compliance/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "cliente_externo", + "routeId": "compliance.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "49c9fd99dd696919f71435c00d611b81caa198bed17af5a48eedcf79694fa900", + "sourceRecordsHash": "0769489680cf26dec1527f6e2ab4a9287a80312e1aaa843d32db7bd686c6a2db", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e1574481a65786a59e8667be", + "humanNextAction": "homologar rota administrativa acao para compliance/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "contador", + "routeId": "compliance.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "76378cdd16d0e2119b5b5813981235f45a5a039ecced2c597b00a5a1a9aacffa", + "sourceRecordsHash": "e1574481a65786a59e8667beb156cdb2b44ab9e1a2648d88a1b0c1776e87b827", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-dfc305d7e6bc414380927365", + "humanNextAction": "homologar rota administrativa auditoria para compliance/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "contador", + "routeId": "compliance.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "2471e4c9bd650f2b354523f9db8d9fff5216fe64dc7d051b637cd5ae1a31483d", + "sourceRecordsHash": "dfc305d7e6bc4143809273658c11e7314b0bec0b21f0faf9e08347efba220448", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-a781034adf6a863661f74c40", + "humanNextAction": "homologar rota administrativa consulta para compliance/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "contador", + "routeId": "compliance.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "df9f8c70a88faa7f2e1e60b2024113a60b074ac7fcb78a9c3bffdd2f28d83bca", + "sourceRecordsHash": "a781034adf6a863661f74c40100a8fd5779a0100b7c8b852e6932ea4d354805f", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3096bca3fbed3d072f4ba9c0", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "contador", + "routeId": "compliance.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "606c0b708c88c9c427fb7516f9614874a51eb7d57632a15d9dcb44d1075f35ac", + "sourceRecordsHash": "3096bca3fbed3d072f4ba9c07b793f8d51e17fc536ea09005fd2d839abcbe965", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4a9d30a7a3d2c99afe6519be", + "humanNextAction": "homologar rota administrativa explicacao para compliance/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "contador", + "routeId": "compliance.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8b5ba21d027248869344dcd2a57e8a3dd73bc308e5b3a8223988e572de2d2e7e", + "sourceRecordsHash": "4a9d30a7a3d2c99afe6519beb4b3d46c21bc7e7bf26b22806c6021b95344a160", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d9b19d82ef0a09658c9c29cd", + "humanNextAction": "homologar rota administrativa acao para compliance/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "financeiro", + "routeId": "compliance.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "57e0105999ad67d092c708017f1103b92bf2d41e6c4b94efedb30ae27a56f7ca", + "sourceRecordsHash": "d9b19d82ef0a09658c9c29cdf100b90b9c8972d3d44f067cb7f622cc8f804a5c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-711c0bd1b8ce79facd1a08b9", + "humanNextAction": "homologar rota administrativa auditoria para compliance/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "financeiro", + "routeId": "compliance.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "8dabea178584cd8eac838c210087fedc91a926395602d432453bc6d7897c749d", + "sourceRecordsHash": "711c0bd1b8ce79facd1a08b980ade64387e8c977262e9343624e3b72fcb04dcc", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7fbb7dd1323952eeea9a0e1a", + "humanNextAction": "homologar rota administrativa consulta para compliance/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "financeiro", + "routeId": "compliance.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "ee28bde90f33cf3227073f4bf3e490d9e155eb70c3579e8f963cc4ea5ee68d58", + "sourceRecordsHash": "7fbb7dd1323952eeea9a0e1aa9976621d861464d814baf4436ef6a9ebc8b4fa7", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ca5156c0c8582f5c6e2fb561", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "financeiro", + "routeId": "compliance.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b21c4bf0c3ad4722c37ed6c1828bf0776d3dbb5068a401df2f535a431266515b", + "sourceRecordsHash": "ca5156c0c8582f5c6e2fb561320d7a70c373abaeee2767a2b1a2332b6b3268d1", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-04399664610dafb4342c7fe8", + "humanNextAction": "homologar rota administrativa explicacao para compliance/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "financeiro", + "routeId": "compliance.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "459fb8cc9a27e565f5af7023075657bbeb3fae176af7ac6371131bb3e3187fa5", + "sourceRecordsHash": "04399664610dafb4342c7fe866699c4357a584ea16e889b222f0eabd43a863e4", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2c706d2f0f15d65a86425a7e", + "humanNextAction": "homologar rota administrativa acao para compliance/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "gestor_operacional", + "routeId": "compliance.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4dc4b3184f00cae60fd5a367e952483b961a4f1ac2be7d0860bc82cb7a0de0b2", + "sourceRecordsHash": "2c706d2f0f15d65a86425a7e128d29037cc4dac3c68ccff4f055ff002907475c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-626f043679ceb73668a44c49", + "humanNextAction": "homologar rota administrativa auditoria para compliance/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "gestor_operacional", + "routeId": "compliance.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "9643383632a567bf814e5e22900230753659ce75eb4da362e1b17c30766b2bb4", + "sourceRecordsHash": "626f043679ceb73668a44c494085f6b7bc019ddaabf0176c59cfa439d7c0c902", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-71e9470868e3cd5cee4dcb5d", + "humanNextAction": "homologar rota administrativa consulta para compliance/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "gestor_operacional", + "routeId": "compliance.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "27092e4c7a47c9f953044fb8be415487afb52c85d44118e5e852936ccbb839d0", + "sourceRecordsHash": "71e9470868e3cd5cee4dcb5dca0a9aa91ee95bbc33a366f64172faa3ff1424f7", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3965499d44e0f059e2dd2754", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "gestor_operacional", + "routeId": "compliance.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0f0c7d15dd0cc66ae69ef3730a045a78d594dd60d618468a9bc569da93c03dbe", + "sourceRecordsHash": "3965499d44e0f059e2dd275488a608c41c3b868c046c87cef625d672c36d974b", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b2d18bdce27cf85ebc603fc9", + "humanNextAction": "homologar rota administrativa explicacao para compliance/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "gestor_operacional", + "routeId": "compliance.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "cf53b062e44bef90594b122ba1f603ed7e19095eb67fa12651cbf78c61c9adcd", + "sourceRecordsHash": "b2d18bdce27cf85ebc603fc9cb1b5a74e50ad7d32f3800210fd28e14c027e049", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-6d4a344f9a12d1c66d4e3ec6", + "humanNextAction": "homologar rota administrativa acao para compliance/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "juridico", + "routeId": "compliance.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "eaa561405af97490b772dbdc3748c40415754bea5c5e4c3876bcc05c4948e200", + "sourceRecordsHash": "6d4a344f9a12d1c66d4e3ec6b8da61a973cb9bd6918df5aabe41e4b1a775d970", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2985d0c7dda4c233b2fc59bd", + "humanNextAction": "homologar rota administrativa auditoria para compliance/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "juridico", + "routeId": "compliance.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "630d3b626e5a65f86d5693a66afed56cb910319c86abf02f6a277eef80692ba2", + "sourceRecordsHash": "2985d0c7dda4c233b2fc59bd5decf8e2802837164e4940ae47688b15fe972a0c", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-e390831e33de80045514040f", + "humanNextAction": "homologar rota administrativa consulta para compliance/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "juridico", + "routeId": "compliance.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "8410b16e56eee12ed2e25f488fc132c1d76cc807c9f70c791a46740c2afe2f3d", + "sourceRecordsHash": "e390831e33de80045514040faf207ce4fd8776582f13d6dfb40b81d2f641ddca", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c4e66185cdf949f41f90a1ab", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "juridico", + "routeId": "compliance.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ba75d3dfddc8fcc0b8e2b6d116822ed9b37ead343f76416db844ddebf9a88d02", + "sourceRecordsHash": "c4e66185cdf949f41f90a1abbc089be7ecc65c9d8517692efd326feddb6b4317", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fbe864cfa750654d5741a786", + "humanNextAction": "homologar rota administrativa explicacao para compliance/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "juridico", + "routeId": "compliance.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3c1f71411ee7cf8aae746255293fa10ea0cf60d07f987aa8a61376ada8ed3645", + "sourceRecordsHash": "fbe864cfa750654d5741a78695b9243f9b9270dd5ed2b048194991e248e36aef", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ad8ccf701e72652bcae80479", + "humanNextAction": "homologar rota administrativa acao para compliance/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "planejamento_estrategico", + "routeId": "compliance.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c982b655518732cc50faa276f90f4169e99b084d399a2dabd8f270ac7effcb52", + "sourceRecordsHash": "ad8ccf701e72652bcae804799f82e5a9bfc8e8f2603f2c5ecfc4c3a8736b99b4", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1e1b61e5839fae182833c595", + "humanNextAction": "homologar rota administrativa auditoria para compliance/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "planejamento_estrategico", + "routeId": "compliance.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f5da9b8c417c9be3e70f8b6500cccae83ac3caa7e6c7107df310e1cee1ce0ec5", + "sourceRecordsHash": "1e1b61e5839fae182833c595af81468c81575a06293b48cbbf7641b32f3dec15", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-e9e5e308341227e00a81a581", + "humanNextAction": "homologar rota administrativa consulta para compliance/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "planejamento_estrategico", + "routeId": "compliance.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "66aec318ba43e4b13c8893dfdc6176c1ea0288fab38e1ba4af30f81e56801c7a", + "sourceRecordsHash": "e9e5e308341227e00a81a5810fa273ec006945e72543ed1808825f72a81f9b58", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d219cbd8676c8a88b6927520", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "planejamento_estrategico", + "routeId": "compliance.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "21a7580f3b9f68a456451cd6538a06a4aeb077714f23552674e96a553b96d12d", + "sourceRecordsHash": "d219cbd8676c8a88b69275204dfc6a97723af6faab9aba8fb5ca10be43cf46c7", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-17931610f091a97b1be26182", + "humanNextAction": "homologar rota administrativa explicacao para compliance/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "planejamento_estrategico", + "routeId": "compliance.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "af969ec8d85da56fa50ff88363f33e1578fbec2ec53ed1f2bd71242229175202", + "sourceRecordsHash": "17931610f091a97b1be26182342e7e12a0d4608e07469cd9fb4abf46cb144fb7", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-afb2d9e11859c0d9118a0a0e", + "humanNextAction": "homologar rota administrativa acao para compliance/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "secretaria", + "routeId": "compliance.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "240c3db34b8a8d9ee81d8dd70f6d46083398021292cd87b8dd3e8b15a6581b75", + "sourceRecordsHash": "afb2d9e11859c0d9118a0a0e9f0bc753aa75c1bd4911800c66d9dc855bb17028", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ceff2af0341593dba74f07cf", + "humanNextAction": "homologar rota administrativa auditoria para compliance/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "secretaria", + "routeId": "compliance.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "9deab34e4f3b4f2746c2abca72f1b6801a3ae11b0d7085b2ef2cb1ee92eee1bf", + "sourceRecordsHash": "ceff2af0341593dba74f07cf5da64dfa64a7a0b786111b7641d2419a52866fae", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f3d917611ef8bb62c667c747", + "humanNextAction": "homologar rota administrativa consulta para compliance/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "secretaria", + "routeId": "compliance.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4147bb28d4ead07aa35f4eb3e48ab2fc587b11a42b4660468bf53db3ae32ada0", + "sourceRecordsHash": "f3d917611ef8bb62c667c7476bfc227ce1140ac6fbc7c454c6452e3024d631f3", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-2a2120f5e6ac500183f8afec", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "secretaria", + "routeId": "compliance.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "fdb58bf8bda585eaee9d5d95223ba35565172a8890d90cba15aaf1353143841b", + "sourceRecordsHash": "2a2120f5e6ac500183f8afecd19e3d0e64bd583b3c68090a6b5c4653152500f2", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1a75fbf206a46a3a867c7f40", + "humanNextAction": "homologar rota administrativa explicacao para compliance/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "secretaria", + "routeId": "compliance.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "36bf8a71338c1d2fc1a601c5d71df1101e3705bc95817412e756debc8cdb5144", + "sourceRecordsHash": "1a75fbf206a46a3a867c7f40acb685866b1680601324d35e115c14cd9a7520b0", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-36499e555d54edeb736f7f8c", + "humanNextAction": "homologar rota administrativa acao para compliance/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "suporte", + "routeId": "compliance.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4f697a5f0129e0ea60fd03b5d942462d836f9c60beeac8b8b1c4b45f667104d1", + "sourceRecordsHash": "36499e555d54edeb736f7f8c54d276aadd980cde29b2809b67b9825c029e7072", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b55cf00e3af8f4ec5e2b8325", + "humanNextAction": "homologar rota administrativa auditoria para compliance/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "suporte", + "routeId": "compliance.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "04db6ab59588c434420ada8c74869401774b7ebc99436fc30d14fe6769365686", + "sourceRecordsHash": "b55cf00e3af8f4ec5e2b832574db8ce9d7e7fd0a34466e458bd36cb812c526a0", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-298456292b7717b5c5174ec5", + "humanNextAction": "homologar rota administrativa consulta para compliance/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "suporte", + "routeId": "compliance.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "807701cdddaa5c54c2b35e542afb59b37dc30487aa4a65aba78f54cc5ba59ab1", + "sourceRecordsHash": "298456292b7717b5c5174ec5e7f17d3f288da7166dce04d7669681cdbcda181c", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b67a15a015b3928efc9c4923", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "suporte", + "routeId": "compliance.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "31036b94029c53ad7672843aa537af2045a7bde91936d529d32be0e102731acc", + "sourceRecordsHash": "b67a15a015b3928efc9c4923cb3a19b38a6139e99ba9b86b6dac211f2159d0f7", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0583bdb82cfbcaec1bfaf870", + "humanNextAction": "homologar rota administrativa explicacao para compliance/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "suporte", + "routeId": "compliance.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "b67ba4a2d78969a39a1acb3c1f075bc834b40d38c2da91510f39d5fb354d864f", + "sourceRecordsHash": "0583bdb82cfbcaec1bfaf870f78ffbcbadbdaafc2df1ceda7b6724be5beac2ef", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-432adc362307bf454e5eaecd", + "humanNextAction": "homologar rota administrativa acao para compliance/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "tecnico", + "routeId": "compliance.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a3f1ffe200db00c310b064d93a0c5d975653dc0c7ea6409f624016d1ed141c7b", + "sourceRecordsHash": "432adc362307bf454e5eaecdba48286038946a71e72c31d96ecfd2b9ee5a3da5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-85f41fc0321d80acf250f8e7", + "humanNextAction": "homologar rota administrativa auditoria para compliance/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "tecnico", + "routeId": "compliance.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "9f211a00c64050e36230b7bfc7f8cf833cafa3d24d24a6f532c6e971995a4aa9", + "sourceRecordsHash": "85f41fc0321d80acf250f8e7af715e4469eea7b206a6cda9e263f4a125023f16", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1ee8f578bc1ac6696743b052", + "humanNextAction": "homologar rota administrativa consulta para compliance/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "tecnico", + "routeId": "compliance.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "bec5dec549573ff84130d940f5a86bd4bdcf597a2fc01623559f4c150a9f5287", + "sourceRecordsHash": "1ee8f578bc1ac6696743b0520d400db070091ec2a96b9428cd6e2024f07e1440", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8c3d7261a3b3bd85d5cd0cdf", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "tecnico", + "routeId": "compliance.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d6dbfdd6445db7fad331ba1bf15d4770c3c3c4f9698d61e8c28355614d00b39f", + "sourceRecordsHash": "8c3d7261a3b3bd85d5cd0cdf0c676d1a01cfa41d571727574862c7c54fbb9348", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-2dc1cd5321b9d6cec0531dc7", + "humanNextAction": "homologar rota administrativa explicacao para compliance/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "tecnico", + "routeId": "compliance.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d058baebe3cd4c7236f6595916d180e02c0f8450e270719ee1038bdefdeb000f", + "sourceRecordsHash": "2dc1cd5321b9d6cec0531dc77687d2d2502cb43149b8ec531a113482dbba84e5", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c7cdfee0b4d9f6cd6e87276f", + "humanNextAction": "homologar rota administrativa acao para compliance/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "compliance", + "profileId": "usuario_final", + "routeId": "compliance.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "700d4fd39ffc523f3aa51830472e5bde72d78e117f5884857dd257c584fbc233", + "sourceRecordsHash": "c7cdfee0b4d9f6cd6e87276f45ea7197a65b2702e5aa9440b4a3576a8cdb2823", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-103e9ec85a4139f2c1f90e5e", + "humanNextAction": "homologar rota administrativa auditoria para compliance/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "compliance", + "profileId": "usuario_final", + "routeId": "compliance.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "91db222ee019f118d4f734db5a87f65e6d556875a01e212fed5e5df45293b942", + "sourceRecordsHash": "103e9ec85a4139f2c1f90e5e6a9b7b53bc92114b74335f6415ece1df963072d5", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8fbc6cc1a391d5e6b10ba806", + "humanNextAction": "homologar rota administrativa consulta para compliance/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "compliance", + "profileId": "usuario_final", + "routeId": "compliance.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "6d2e50e663f584260e4fb99911559aa7251c2059cf9a4a9a658b06ecbd850dff", + "sourceRecordsHash": "8fbc6cc1a391d5e6b10ba806f24b4f0daea59ddeb99f63233a9c947b727cb001", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-491d3e48c0831656557569f6", + "humanNextAction": "homologar rota administrativa diagnostico para compliance/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "compliance", + "profileId": "usuario_final", + "routeId": "compliance.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "bb8d2b6094e43a3f6823d626ee9f475ca7d5c2cd268b086edc21644691156232", + "sourceRecordsHash": "491d3e48c0831656557569f6c9a0eca71c825ab5259d772f58fac456afa33b69", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a123e8b4980eb0a70baf654e", + "humanNextAction": "homologar rota administrativa explicacao para compliance/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "compliance", + "profileId": "usuario_final", + "routeId": "compliance.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0b6e02e6bdf9b31094009323e2c011181be310ec7f990704cf2d343aac1966cc", + "sourceRecordsHash": "a123e8b4980eb0a70baf654e3f80ffbe0c003fece484b2bde176320db4673f99", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-cfcfeb945715dbfc0766a857", + "humanNextAction": "homologar rota administrativa acao para customer_ops/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "administrador_empresa", + "routeId": "customer_ops.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "948ae9de7f99094f56123932a88ea81fc0caf16fb666345942f09bd6e255f1b1", + "sourceRecordsHash": "cfcfeb945715dbfc0766a857eef41c99954949e91028a3fb8763f37493cd5af8", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-468e669a7a4d6c1dbb36243d", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "administrador_empresa", + "routeId": "customer_ops.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "841f9d0a8e286b084ef0dff4f206fe12a492eb3f2ed29091bb57fdeda3ee5997", + "sourceRecordsHash": "468e669a7a4d6c1dbb36243d03f19d43124a16effad3cf921a2cb98045693af0", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-654beed97df178ac4c88a751", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "administrador_empresa", + "routeId": "customer_ops.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "5a2910387a2b4cf442767a9c52c80be573c1e758bc9ec65d04d1b610d2e32165", + "sourceRecordsHash": "654beed97df178ac4c88a75141210dc5a98da056725cf8b1f14df33226d8de49", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-9465b99e620ea05fe947c33f", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "administrador_empresa", + "routeId": "customer_ops.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0c295ce4cebc2aeed564f7d1755d49ba9b64976eb9bfb030fdfbbb1e9385be60", + "sourceRecordsHash": "9465b99e620ea05fe947c33f9065a5c998bc7b23cfd6d444f410a919735aead2", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-27c9d015e9618c378e15dbd6", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "administrador_empresa", + "routeId": "customer_ops.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0d0951bbae8ed782671e7b833d3c7fe8c791e732030025044bde6d024c4abf2d", + "sourceRecordsHash": "27c9d015e9618c378e15dbd69ea028058aa51583cfad161c7b82347b5ea43496", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2fe2360c6250de2eb1f30181", + "humanNextAction": "homologar rota administrativa acao para customer_ops/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "atendimento_cliente", + "routeId": "customer_ops.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8bb760d11d6226b532a4fcef99a7efeec3049e027e849d204ab7dfbabdc58d23", + "sourceRecordsHash": "2fe2360c6250de2eb1f3018168cf012431413d583c9ef92dde89ca2fdaef37c4", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-0776a8e2baa4630815cfdf85", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "atendimento_cliente", + "routeId": "customer_ops.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c5b657d83f74b2133ded22f857c677d0f81c9e1b1af107ba5ac13f44f70c2e48", + "sourceRecordsHash": "0776a8e2baa4630815cfdf856502ec6a134442e3e6b48f13c1fe77c40ea592cb", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-23eb68b688a8b03a87bf3b13", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "atendimento_cliente", + "routeId": "customer_ops.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c84299ade3692d7c06f11034e851fa82e6d97d5a03efa8d576c4b18190912561", + "sourceRecordsHash": "23eb68b688a8b03a87bf3b13ad00a2e347902cda7c5b3ea38efa28c2ba1f6888", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ec92a38c6b6cd50ed89669ee", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "atendimento_cliente", + "routeId": "customer_ops.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d62c4f79d3bd55975256b14d1165c88219316bfd4384a09c9bc50b5bffbab049", + "sourceRecordsHash": "ec92a38c6b6cd50ed89669eef1646e25f18da2674488f8b90ba639cc2ba07256", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-710714600cb92cdaf2cad420", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "atendimento_cliente", + "routeId": "customer_ops.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f5be0a53b49977b397b76610ec0f703cb25325af7afefa04dc5db910f984de9b", + "sourceRecordsHash": "710714600cb92cdaf2cad4205186113e4f896cadeea25c7ca00a1f461409a43e", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-50c1d4a820de5a5e7a8e79ae", + "humanNextAction": "homologar rota administrativa acao para customer_ops/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "ceo", + "routeId": "customer_ops.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "52a376bd5d1d8365e309591b909324e9d16c5f26520520916d3b4e346df95467", + "sourceRecordsHash": "50c1d4a820de5a5e7a8e79aef12cf8d86336a7b53aab9e7b990b13f3677a9e57", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-81965d72ac4413a0fa2ca2c2", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "ceo", + "routeId": "customer_ops.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b40ace052b5df7486690c0d6e63332901067cde4e9afd4dd9e4fee62414978fb", + "sourceRecordsHash": "81965d72ac4413a0fa2ca2c2c71e67539520327b01d2cc8a2ce8fb6672cc3840", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ade72ce74cc7805bf495104b", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "ceo", + "routeId": "customer_ops.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "464d9a759c69e1e80c5be4aa8771c8aafa5233775ecb80d367acafef27eab8b2", + "sourceRecordsHash": "ade72ce74cc7805bf495104b419631ffff3aac3964f0a6c64cfd13c8e5d02a28", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f076dbfe397fd7afea49aa3d", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "ceo", + "routeId": "customer_ops.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "03c2d0e5713da6910e34d8ce19f024ad48bdc12aa9220dd61aae7579f64a8c89", + "sourceRecordsHash": "f076dbfe397fd7afea49aa3d345025f83d7cb2964992fe517072b9990e218af4", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b0d799e832af5c83c87bbcac", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "ceo", + "routeId": "customer_ops.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "eea1e6dc9e2d358ce671c8b7da3ee46c41edafbb8cef4edf0a5e3d61c66ce837", + "sourceRecordsHash": "b0d799e832af5c83c87bbcacdde2353db6b41c2c936bbadafde7f2b08589033a", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-bc207d782a8726b9db91e6ce", + "humanNextAction": "homologar rota administrativa acao para customer_ops/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "cliente_externo", + "routeId": "customer_ops.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7f7cbfda796c292231300280a53d926f7f39c58c567baab95d0fcceb3596505f", + "sourceRecordsHash": "bc207d782a8726b9db91e6ce4315e25e40fca061535359b42c40225464b27d7a", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4ab85da4dd69c9cef99fee4f", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "cliente_externo", + "routeId": "customer_ops.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1c2eb3fc2ce8c3fad8f8860e3d8746f5da3439b14569967e63ebefdc82a4886b", + "sourceRecordsHash": "4ab85da4dd69c9cef99fee4fdf0dc1883fe9d00a1c9fcd10dd062298e2b800a3", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-0bc254b2277212e67e2ae537", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "cliente_externo", + "routeId": "customer_ops.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "33922aa2308d9f348e04504b0db299c97d143e88ee7bb4a01934d2b142c6b0e9", + "sourceRecordsHash": "0bc254b2277212e67e2ae537feeaee3acf41f5a2611958e37c54689a0cfdee0f", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-53694f2ffdc929ba98eda46d", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "cliente_externo", + "routeId": "customer_ops.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "659f6e1c4b84d25ea8876c6762519c459bdf2974636b63e9776302bb0ad80d61", + "sourceRecordsHash": "53694f2ffdc929ba98eda46d6ec7395cd9565aa4f7eb8e5832084436f8277f05", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-5c562be9ba099c04c217ba8b", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "cliente_externo", + "routeId": "customer_ops.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1e96743f93bbe7f2025750bce9137dccaa05875cc2bfbcae4d9a0c5fae606136", + "sourceRecordsHash": "5c562be9ba099c04c217ba8b56cc3dbf2b82a8df7cf1b41f6c8c0e6f090c8a66", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-042ff382a6edabae3613535e", + "humanNextAction": "homologar rota administrativa acao para customer_ops/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "contador", + "routeId": "customer_ops.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "5f331ba4a2abf0e611470910846fa55d6f1ea861531c9d9d266fb2da56a50a2f", + "sourceRecordsHash": "042ff382a6edabae3613535e0ab5a5525f496c2bd6186a361d9347ff1da39ff2", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b93f8a01c9d540c28d8b5229", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "contador", + "routeId": "customer_ops.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "a35ea12fb93dcfccb167d40616b8f532a2a3142fe21421ba042e148628bece99", + "sourceRecordsHash": "b93f8a01c9d540c28d8b52290d998b364229b2d4fd460f7d73a542c2f5fe18f8", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-279c334c9e614b70d9427d46", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "contador", + "routeId": "customer_ops.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "44a87b510080bdd997df8bc130a65487992c05e7e27ff3be74046786bbd366f0", + "sourceRecordsHash": "279c334c9e614b70d9427d4689b2172de838306d3dc0e101f17ac8f244ecb857", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3f577d0017c4985c273ccbec", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "contador", + "routeId": "customer_ops.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b3160fdcf33405fa84f889fc9b5e61460606389a3b3a287a4a07350549160739", + "sourceRecordsHash": "3f577d0017c4985c273ccbec072d474a015890d72109b58ef688cd04353101eb", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1a47beafdef3e1a0a65b75d5", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "contador", + "routeId": "customer_ops.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0bf89a845d5df16c498536e71ea9a10871263132c2b48d07ea749b7cae7934eb", + "sourceRecordsHash": "1a47beafdef3e1a0a65b75d5af0ed324cca93b696b5b4eb84aa88a5b902cd5bc", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-305f88a181f8985a6201d6c0", + "humanNextAction": "homologar rota administrativa acao para customer_ops/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "financeiro", + "routeId": "customer_ops.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "908e8e92d0ef555fb30d719709c050e32e6c9aab80c7e5967880f981f3e341ee", + "sourceRecordsHash": "305f88a181f8985a6201d6c090c62bd3f9c5a4d32a7d3a12cf60ec137a3b223a", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2efe75c71423ea0598e808d3", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "financeiro", + "routeId": "customer_ops.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "618feb836c4042f9b609337a1b051335f1bf6b40e8d030d0963df6de7364757a", + "sourceRecordsHash": "2efe75c71423ea0598e808d3c23c89bba4afa72158d4d5e172374aa465c595d8", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d2097a7a63a08afd4951e8fd", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "financeiro", + "routeId": "customer_ops.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1540ffbf5561393c9e7a5c6659ab5bbec5fd81c0f92e96034f2a4a02e144ba29", + "sourceRecordsHash": "d2097a7a63a08afd4951e8fd2d8e27a60c8d7b1c1017cabb3371eeb3f4787ff1", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-104291093758ff8329e6cbc6", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "financeiro", + "routeId": "customer_ops.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "2920cb33cf75bb3bde5d77a509642e659b3503427035c1526c9a25cb91304360", + "sourceRecordsHash": "104291093758ff8329e6cbc6bab41358ff8f8c45cab56a29bf1717a6c8678360", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6e84d5e470ce7939a57d3ec9", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "financeiro", + "routeId": "customer_ops.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4d0ef33308ed55fa0c53b27cdddb44b39b35046fafcfdd7ceabc2f198c9339fc", + "sourceRecordsHash": "6e84d5e470ce7939a57d3ec998ae0a08412c5011deb9312742028b568e22d2fa", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7f0881bfb3619f4dec476864", + "humanNextAction": "homologar rota administrativa acao para customer_ops/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "gestor_operacional", + "routeId": "customer_ops.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d7c8cd8e054f136befb10b3fd1ec7c0593a2ad20da6bab63e1865fdfaf9cd775", + "sourceRecordsHash": "7f0881bfb3619f4dec476864d2028fa982685cb7e7784499c9b81fa99fdc45cf", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9fb1d527646472a7c7af2cce", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "gestor_operacional", + "routeId": "customer_ops.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "461ba2957f70fb56a3b7e05efea08ccf9841ef867c065e3474e56cf6f4a7f5d6", + "sourceRecordsHash": "9fb1d527646472a7c7af2cce4b8a81022fa3715935f6e8c4eea8e86666541de4", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-0ae3a709640c3798f99ae379", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "gestor_operacional", + "routeId": "customer_ops.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "5367951251d6e5d269e95d27dc9c21aa446b34f497a7e2a9b91d10412a78dc4c", + "sourceRecordsHash": "0ae3a709640c3798f99ae379cdbdb02900650960871b3bfcdd06c47d59f90e44", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-de8fb670eb2d0dcc27a08a07", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "gestor_operacional", + "routeId": "customer_ops.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "cde3266f8898f5e2ead965542aa38fd6f3fbc5a7392c025ceaac672dea9af755", + "sourceRecordsHash": "de8fb670eb2d0dcc27a08a076653e0357bb97c8b635ccb776f6245d81d707d6d", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-3b2b448497187bfb4a9f744b", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "gestor_operacional", + "routeId": "customer_ops.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e4239ccb23857e6c93f6351bbf6be83bd46d04dbce03e4e56dd110afd667671c", + "sourceRecordsHash": "3b2b448497187bfb4a9f744bb89a2263069b2e8b557bcf48ae95b6668deda65f", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b2b72c38292c8cdea1f2c0f9", + "humanNextAction": "homologar rota administrativa acao para customer_ops/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "juridico", + "routeId": "customer_ops.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "22d5689aa76ae0f0751eb27dec08274e1934baa8cea5df0886dcbfabc48daa46", + "sourceRecordsHash": "b2b72c38292c8cdea1f2c0f9f8bfbf5655789e20246537f78a34074e0c834c4c", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-325cae668e905bccd35f1299", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "juridico", + "routeId": "customer_ops.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "547723c0a2e501f5b0108269d2e20431e574c3ce7dd387424fb8e418a4a481a2", + "sourceRecordsHash": "325cae668e905bccd35f1299066f5b65e6c35ec56c99d0b3e0894d74aca71154", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1f04cee2aa4c57755f5cf582", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "juridico", + "routeId": "customer_ops.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c0c2ea594e9b0ac15ed971ff7f0e52ef26c44910334664c33ac54c0e7de19606", + "sourceRecordsHash": "1f04cee2aa4c57755f5cf582ccc586d4aa9d69aff2f55a59024c0ca5c576c5d5", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-16b20b7ee526401cda57cbac", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "juridico", + "routeId": "customer_ops.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1c046a775ffc92df190e7d00b074dcd4651a722aaeb869b09180b43f713f71fe", + "sourceRecordsHash": "16b20b7ee526401cda57cbacc45d82830b222826f30f816d892d21005006a132", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-054cb845a74693e4c6ec1481", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "juridico", + "routeId": "customer_ops.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0ab5ca7c6fff8eaeab66775babddd708175c72c00aa51815dea88e638a21b4cd", + "sourceRecordsHash": "054cb845a74693e4c6ec1481a88c4bc4c6da0ba28217b31c768a8e2ac5588eab", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1d51ee78a02f8503afd1eb7b", + "humanNextAction": "homologar rota administrativa acao para customer_ops/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "planejamento_estrategico", + "routeId": "customer_ops.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "94ecba4182143d0764a181590a6ae6655385f632428bc376762d5110c7d0f6f7", + "sourceRecordsHash": "1d51ee78a02f8503afd1eb7be6e92eb3444715e4fe9691b09f3675d6e1de1911", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-7eed4790f072dcb8e0b59e21", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "planejamento_estrategico", + "routeId": "customer_ops.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fe32cb5f3e0941819cec9ffcc368efb1ee8b174abe8568ec68cebde7f714931c", + "sourceRecordsHash": "7eed4790f072dcb8e0b59e21df751eea5d6ec3ab8b3af807d9af4d9c907cb453", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ad35a0a7546fc0eed9cb563a", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "planejamento_estrategico", + "routeId": "customer_ops.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "249eb30cf74700542a1f6f1c965d2c10f46af0fa8d271321c8a076c779986cf6", + "sourceRecordsHash": "ad35a0a7546fc0eed9cb563ab23ee5945eee960345f5c804415ebf4543de721e", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8dd56592a613ae636ad2a963", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "planejamento_estrategico", + "routeId": "customer_ops.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8ba4a2746f318f668d97dde67b5b2b0b22454d9e265fe5a0d54cbf434254c1c8", + "sourceRecordsHash": "8dd56592a613ae636ad2a963fccc13c377dfaf3c7329ff483dc4280b4b88b456", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0e604eb186424a33806ff70a", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "planejamento_estrategico", + "routeId": "customer_ops.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8ada21c81c481f8add7cd47c6d1dce1d7ab88154f37e80b79abd6798268a2b1d", + "sourceRecordsHash": "0e604eb186424a33806ff70ab9017484dc6bcadd60897003bad8b2376a43b5fe", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-26ac7a0d6bd3e77ae069e991", + "humanNextAction": "homologar rota administrativa acao para customer_ops/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "secretaria", + "routeId": "customer_ops.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a8a17fceb6352ef819d550926e24ec66760a57238ac6461ca53b98de9325fdc3", + "sourceRecordsHash": "26ac7a0d6bd3e77ae069e991d4ca6125c87cd55876afa3e82c245a4bc35788ab", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-cd101b589d331f5f5b87dc4f", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "secretaria", + "routeId": "customer_ops.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f5cb10d4c77c745ba8435351b6a174e20110a69391ad287e572ff89c7248467a", + "sourceRecordsHash": "cd101b589d331f5f5b87dc4f8c045220c54320c0fa0b6383f946bd58fc4c2ffe", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-93bd4a0806d561c188583260", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "secretaria", + "routeId": "customer_ops.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "ee92e0e6352f18c9cc2e9a2fe5715fd8f16f086db3c89b7869c21f6cdede52d2", + "sourceRecordsHash": "93bd4a0806d561c18858326006b6d148c0efb6439eecaf4effa0ece98f04a1eb", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-77a2899e4dab10b18f960f58", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "secretaria", + "routeId": "customer_ops.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "06ae7f8d98e9a10ce1f8fe37158b94f86a9a9385f3b71d7651d6fd969d0c23ba", + "sourceRecordsHash": "77a2899e4dab10b18f960f58fa3b5b8aedddf557dc3d95eb043bf52f7ccdebe5", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-7d90a286850ff8112e488c11", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "secretaria", + "routeId": "customer_ops.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1a875de5d19475398cd8ea327b81ffd89015f2ebe322365fa870b65cef329e4b", + "sourceRecordsHash": "7d90a286850ff8112e488c112d69b52ebadf6c1555f5de54381bd25aa730fecd", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-683610d7053f20960e3c1638", + "humanNextAction": "homologar rota administrativa acao para customer_ops/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "suporte", + "routeId": "customer_ops.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9e6fe7ab2e55a2c1d018833102e08d65cf4123f3e621f90ca180553593a89688", + "sourceRecordsHash": "683610d7053f20960e3c1638502199d588b756789fbb784e90e2ebcbef62537d", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d730899874ccefa4b86e0eeb", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "suporte", + "routeId": "customer_ops.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f9f8d1ca825924392087f472e2c5bd70eecbc9bb4f1f4663d693a1f08e51d951", + "sourceRecordsHash": "d730899874ccefa4b86e0eebde24333e31ef775e597932e983870d25bc5fdeab", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-255f9f411542bd8b5b1c2a1a", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "suporte", + "routeId": "customer_ops.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f10293f279a0c1557323cf0f9a39455b852f76f364a024ee97e14a788ddc51f8", + "sourceRecordsHash": "255f9f411542bd8b5b1c2a1a70da3b34e11057787e5cdcaaf2bf5d9126b9d811", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a5f945299a57272bf2d04ac2", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "suporte", + "routeId": "customer_ops.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ea83729a77db8714827284dda2835e15e9d1fabb19bec53e0a65e2a2d5d60915", + "sourceRecordsHash": "a5f945299a57272bf2d04ac2a4d19a1bccf4460959fcf35420b870b970e1450a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-e0fc3225de9f64ceed1d77a5", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "suporte", + "routeId": "customer_ops.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ccb5c78b6066f3553764a81c253d2efb5c4604eddedee804d1c96b5c6211097c", + "sourceRecordsHash": "e0fc3225de9f64ceed1d77a504e33958220f3e066abf9ab78b86a8e3d4894693", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0200da8bc80defc164ea558c", + "humanNextAction": "homologar rota administrativa acao para customer_ops/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "tecnico", + "routeId": "customer_ops.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c165cd69a213147b24186199940f572ce072cd33cb1fa497450f11c5e9c91cc3", + "sourceRecordsHash": "0200da8bc80defc164ea558c97eaa2246e28bf6769f8e0fe50524d5fdd0f7bcc", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-99d4a0444c730aa93771554d", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "tecnico", + "routeId": "customer_ops.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "de9d9b8e078919b4c5ada20e15b1492d741d8c3a0ba008ccdd9c19a7b5aaf9aa", + "sourceRecordsHash": "99d4a0444c730aa93771554d98bab442481b7a916ba4f9e035bc4478a2bc91b0", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1632aeaab72071db338c0d2f", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "tecnico", + "routeId": "customer_ops.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "240707d46335d5f55717f3d94b1b1665c2393045bb5bf0357fac7ba62711c31b", + "sourceRecordsHash": "1632aeaab72071db338c0d2f38ce9b81959b1ab9c41ab8a3efa98049a367c04c", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e900ce6ed1e99a2e2c7a72d6", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "tecnico", + "routeId": "customer_ops.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "886dc82724d68f9f9da1ca53c39f1b4a2844f9cef72bc0c130cd44e41eedf170", + "sourceRecordsHash": "e900ce6ed1e99a2e2c7a72d626f87546c4dbcdd41fb9fcb76fb70affea4612ba", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-ee21a5df3701899e3850e4bb", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "tecnico", + "routeId": "customer_ops.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "eba31dcc091abae69011e35386aee37cb93ee8d5aad3b8be3b8acf36e9fd0dc9", + "sourceRecordsHash": "ee21a5df3701899e3850e4bb5fbe724c74163deb88787cc094d0ea8fcd21ee12", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-55adffc1b77d4e8924bfa670", + "humanNextAction": "homologar rota administrativa acao para customer_ops/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "customer_ops", + "profileId": "usuario_final", + "routeId": "customer_ops.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "82a4747e0e55988a58184bbdd73f432e5b7aa9a1a6f589f55d42314d5c0987dd", + "sourceRecordsHash": "55adffc1b77d4e8924bfa670adf8f15aba14d17475114562a4bf721013399b5e", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-254c261b8f7a5d2b76701628", + "humanNextAction": "homologar rota administrativa auditoria para customer_ops/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "customer_ops", + "profileId": "usuario_final", + "routeId": "customer_ops.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "bec48743d3f875a897eb646ef299093ec78f6c0afff4e8d77b66a0e6545e3b5c", + "sourceRecordsHash": "254c261b8f7a5d2b76701628ae76e99c796520599ed80aeb1adc0733d1cdd242", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8ae008cd96f6ffc8367f9443", + "humanNextAction": "homologar rota administrativa consulta para customer_ops/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "customer_ops", + "profileId": "usuario_final", + "routeId": "customer_ops.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "437811f383f6b5a373fbd922e4c31c84f70eed3a1e7d1945db5e61cdd5c9d5f6", + "sourceRecordsHash": "8ae008cd96f6ffc8367f9443ed35fa84ada4ab7c84ae9eef26ff91f04d650f5c", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-541862d614510bc0e11a0637", + "humanNextAction": "homologar rota administrativa diagnostico para customer_ops/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "customer_ops", + "profileId": "usuario_final", + "routeId": "customer_ops.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "c400c1e98225049b93c8adbe53ac5de1658c332b3813fa4b592460e1b25bc487", + "sourceRecordsHash": "541862d614510bc0e11a0637d3ec49d5b3a90f58208ddc4725b46b1fcf836cb7", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-e650336a942449a3c3a6dd14", + "humanNextAction": "homologar rota administrativa explicacao para customer_ops/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "customer_ops", + "profileId": "usuario_final", + "routeId": "customer_ops.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6ca49d8339574698203280b83142a0898d0e0c9ca9794acc6fd929070cca4448", + "sourceRecordsHash": "e650336a942449a3c3a6dd1437ab0e7a715413e2a80f901a91b500c1966c0b5e", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-346940b4ec21092bbfdc964b", + "humanNextAction": "homologar rota administrativa acao para docs/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "administrador_empresa", + "routeId": "docs.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1828eba28b4274ed3810c8cbc070340e6b8b4350f8aaef7b7d2dca3a2aa175a8", + "sourceRecordsHash": "346940b4ec21092bbfdc964b41e9d7817e1c508a4b98816739e4285c97cea0c8", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-cf3c26e318de54359670b6cb", + "humanNextAction": "homologar rota administrativa auditoria para docs/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "administrador_empresa", + "routeId": "docs.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fac623d8fe864fc09cdff9ae5483f18fd4bb7ff3a12cfd4530c62670d8caefe4", + "sourceRecordsHash": "cf3c26e318de54359670b6cb7c3590c66bcfc42e0eb667a03389905d89a93a54", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4db47c363333808ece2f256a", + "humanNextAction": "homologar rota administrativa consulta para docs/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "administrador_empresa", + "routeId": "docs.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "99f4b6cdfa952759a211ab5a870a5be101badeec59fcdec53ed381fd3be7886a", + "sourceRecordsHash": "4db47c363333808ece2f256ab53f832a01c81449d847a140777253a274eda641", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-9efec5d28bfccb7405ae99fd", + "humanNextAction": "homologar rota administrativa diagnostico para docs/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "administrador_empresa", + "routeId": "docs.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1524447942d010a2d3f337d0bd485ed61a26a4da78e5a96fc519e2a12520c234", + "sourceRecordsHash": "9efec5d28bfccb7405ae99fd59f3c7ed69eaa5b3bbdaf9322e7860a799a88d59", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-cb60086f8807bc578abec35a", + "humanNextAction": "homologar rota administrativa explicacao para docs/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "administrador_empresa", + "routeId": "docs.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d97811851700dbfa17efceb59743ea4d2d874f402d0068e7e60461254e6f0469", + "sourceRecordsHash": "cb60086f8807bc578abec35a3fb9ed7b5fc491934ea5a0578e337ed47e534dd3", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8a25c8efd479919c831b4943", + "humanNextAction": "homologar rota administrativa acao para docs/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "atendimento_cliente", + "routeId": "docs.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2bb43d22ad583ca2ddb8826cdac7baf8f88d40e6996742a2521ac97a5eb1b16a", + "sourceRecordsHash": "8a25c8efd479919c831b49435280e821d11d04a0f7a7ea8fdd7307407fd7e345", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-812f94916921fb1b58fe7eca", + "humanNextAction": "homologar rota administrativa auditoria para docs/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "atendimento_cliente", + "routeId": "docs.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1b85a66fed625a839cc55c8934d269f7496bad1c2b7ed4626b080d3c3cd68433", + "sourceRecordsHash": "812f94916921fb1b58fe7ecaf66ed12456f28c8ec7b227a18e02aeefd357c842", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b57635f4d81c23f26e4b069e", + "humanNextAction": "homologar rota administrativa consulta para docs/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "atendimento_cliente", + "routeId": "docs.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "aa563441bfd8aa922a7298c299bdfaca0acb15f6ef85b127a1eecb8540a4dc77", + "sourceRecordsHash": "b57635f4d81c23f26e4b069e2cf748fae470703e1a044d118a66686e8f76d51a", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-717faafd09a806dd68b2ff10", + "humanNextAction": "homologar rota administrativa diagnostico para docs/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "atendimento_cliente", + "routeId": "docs.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3d79c14d2a01f4d7ac41237e47abbc5d0a36373a499ac763f11e44b48983c1c7", + "sourceRecordsHash": "717faafd09a806dd68b2ff1069868d9e0aa1991b31b938a02283ed9cb0c67bca", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d0df968c0b527fc5ae5c59a2", + "humanNextAction": "homologar rota administrativa explicacao para docs/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "atendimento_cliente", + "routeId": "docs.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1acfad8faf974c22350ce71db767fe88da7ab492a71ea4f5bcea90d5fa5f0a3a", + "sourceRecordsHash": "d0df968c0b527fc5ae5c59a29bc7d3a4e98338309aabd12cd2a3880af8fdd304", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-301023501546306b1430cf93", + "humanNextAction": "homologar rota administrativa acao para docs/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "ceo", + "routeId": "docs.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "66fc35b529e041aba29e091c3334b6e6a9e19bd2b34b8ee37f52dd703560bd1b", + "sourceRecordsHash": "301023501546306b1430cf93d41882bdf83034691682b767f479015c63b4c6e6", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6e1d29531c86f3bfb0536315", + "humanNextAction": "homologar rota administrativa auditoria para docs/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "ceo", + "routeId": "docs.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "11c577d7e6f728d43b552e45c6a6597abe26c7e3ae2d4a7bd0036a9a3182bb21", + "sourceRecordsHash": "6e1d29531c86f3bfb053631550e1f6f2708437b0a82c32bfb2ac37f593229863", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d60614d35da495f081522b67", + "humanNextAction": "homologar rota administrativa consulta para docs/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "ceo", + "routeId": "docs.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "9e2b95de4c339f9c64709a52b5edf579cde9baea89fb772b3d3af6e20d1f6b74", + "sourceRecordsHash": "d60614d35da495f081522b671c70b7b43649fc4c1d1def7e308c0092ce47e2ff", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-666b7fd7d72cefd7a4d430b7", + "humanNextAction": "homologar rota administrativa diagnostico para docs/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "ceo", + "routeId": "docs.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "bec485c67a704d7d3c45bc5d94b6650ea150a68355831260a0b1068a1298fe66", + "sourceRecordsHash": "666b7fd7d72cefd7a4d430b79535bb87910562b157b0d5b66dde6ff88ff89045", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b80ee7036757ea7268212e4a", + "humanNextAction": "homologar rota administrativa explicacao para docs/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "ceo", + "routeId": "docs.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d1c0ca6dd5ebf390cdcb6178ebe83b4291ea29275df951ea418c6b6743635a4", + "sourceRecordsHash": "b80ee7036757ea7268212e4aa961a7693a61b06b29ef40827c6496559744a0dc", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7138a913f72eb38338317af5", + "humanNextAction": "homologar rota administrativa acao para docs/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "cliente_externo", + "routeId": "docs.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d85242943e96a28a2e3aca7ff1b6fd71691c0fe1ccc739bc9ff2d1f1ba4e64bf", + "sourceRecordsHash": "7138a913f72eb38338317af5aaef05c6e48fec033f9e392352622fcb0bb3299d", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1fe4ea929dcb93c81aa2f218", + "humanNextAction": "homologar rota administrativa auditoria para docs/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "cliente_externo", + "routeId": "docs.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "cde92ac8176e660914758af7a216edb2237aac7a1cefd381cb1263d3d18aa916", + "sourceRecordsHash": "1fe4ea929dcb93c81aa2f2184cdb6bb118c764d54c016f6c3940e2d56e5f8bd9", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-04942a2e3a4ebff69a11080f", + "humanNextAction": "homologar rota administrativa consulta para docs/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "cliente_externo", + "routeId": "docs.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "532ba667e89db33475a61307192778bec686e9c99229ca602b11c70cfa48906e", + "sourceRecordsHash": "04942a2e3a4ebff69a11080fc519e81a80da6c08106864fef1930b24bd9cba93", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e304491952bf6c0558924429", + "humanNextAction": "homologar rota administrativa diagnostico para docs/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "cliente_externo", + "routeId": "docs.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "127aeb87c76f2f88d6d62375859bbbbb3d2753db17235590d4d3227945f5f58d", + "sourceRecordsHash": "e304491952bf6c0558924429dd433dae1a94a8656faccbb067cd0725eb6afbfe", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d371ffd6817c5f0a60e46211", + "humanNextAction": "homologar rota administrativa explicacao para docs/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "cliente_externo", + "routeId": "docs.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7a187b2d02db461c9badec06e8060d7ef71e66150486bdbd3e7224bd5320844e", + "sourceRecordsHash": "d371ffd6817c5f0a60e4621126e2e141ad18405c7a50c6a3f39d4461fbe88e38", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e97230fe93815d5dafa75afa", + "humanNextAction": "homologar rota administrativa acao para docs/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "contador", + "routeId": "docs.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7280b815fd7f54f3e42ff954a8f759defe6101493fd33148b4bbaf3eb03dbd74", + "sourceRecordsHash": "e97230fe93815d5dafa75afa7a266ca0af094ab0d9a17a58a04b7a25af6abd13", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-bda0cd7ec5af6ee616308b82", + "humanNextAction": "homologar rota administrativa auditoria para docs/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "contador", + "routeId": "docs.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0a35fe014d24145196c66c59be08fbb07829d11aea2f4a4e01596eb72f6de623", + "sourceRecordsHash": "bda0cd7ec5af6ee616308b82284eef05ecd662db3e9a02b8fcaf533549689fff", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-12c2eb08dfc32437f756dbf2", + "humanNextAction": "homologar rota administrativa consulta para docs/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "contador", + "routeId": "docs.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1c2b4896ba4f690a7503b863ded77bd5657f6a8d64508ab263c66cc249780979", + "sourceRecordsHash": "12c2eb08dfc32437f756dbf254ad6cfb737a8298ed4c271781285b937be5c49a", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-6fdc8d784099893a7dd90395", + "humanNextAction": "homologar rota administrativa diagnostico para docs/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "contador", + "routeId": "docs.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6ab0b8bab9372b7ade00c588321305a48859f8a2d2f9907a1de0bd843c9a128c", + "sourceRecordsHash": "6fdc8d784099893a7dd90395c661d5bc9c2915ed563b5969651ae2aabe648f3c", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-88096c6c37b2d692fc5519bb", + "humanNextAction": "homologar rota administrativa explicacao para docs/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "contador", + "routeId": "docs.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "26f0c3c3f3db5bfc78506a00ad8affb894908889809568adecef105596b323ea", + "sourceRecordsHash": "88096c6c37b2d692fc5519bbc1b32b4e90fbf8a252ea69fcf167ae35e1ecfca5", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e889f2a8edea53987af6e37a", + "humanNextAction": "homologar rota administrativa acao para docs/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "financeiro", + "routeId": "docs.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f8f628208a61c67c6722a4813907ba07c398fbcbee529e51b359ed26572224a8", + "sourceRecordsHash": "e889f2a8edea53987af6e37ae7fb2f025f8df0da2ae4d3bacf7519d1273a99e4", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8095558a1f35dbf8285f9b79", + "humanNextAction": "homologar rota administrativa auditoria para docs/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "financeiro", + "routeId": "docs.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "791a646f63a38b7f3f6462067d47363069427bf52cbcc4b158b3afe94b665a58", + "sourceRecordsHash": "8095558a1f35dbf8285f9b79f749dd37707e19c56f9b873a53387e5534133c65", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c188f72ca7db6298f05a50bc", + "humanNextAction": "homologar rota administrativa consulta para docs/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "financeiro", + "routeId": "docs.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e8d2cfe4bb18e5f54f7db2520beadf6b0b9b293f3a041b5c78b4c5eb5a2b13a2", + "sourceRecordsHash": "c188f72ca7db6298f05a50bc59a77d151702447f6ecf2a59239996a692d495d5", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4eb71444857f2ba191fd98b7", + "humanNextAction": "homologar rota administrativa diagnostico para docs/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "financeiro", + "routeId": "docs.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d2c95b525a1d9c697e0bf4ae414670004fa37ba499e90cdaa8240babd7252350", + "sourceRecordsHash": "4eb71444857f2ba191fd98b7ea2319e6f726c8a3a4414cab6923730f25548889", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-133397aabb5a6d639a379379", + "humanNextAction": "homologar rota administrativa explicacao para docs/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "financeiro", + "routeId": "docs.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c56f6577abb282731173a010a13d13278dd07a404178c6a796c0ea9bc45d6280", + "sourceRecordsHash": "133397aabb5a6d639a379379d7b7591b1f1ede2b93f06088909a305d09373b2b", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-59450bb08828a812f44adb14", + "humanNextAction": "homologar rota administrativa acao para docs/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "gestor_operacional", + "routeId": "docs.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "65ba618ba03cf3741d7c6abf63a2f6b54a46dca327e3b9685235fda5d89dfab8", + "sourceRecordsHash": "59450bb08828a812f44adb14e3a6ae0ac19982e866419c87dfc3fd7fc0215752", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4b4935a69b738c2a9be0067b", + "humanNextAction": "homologar rota administrativa auditoria para docs/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "gestor_operacional", + "routeId": "docs.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "96e17405e2caa877486afb51c565ae114351aedad95570f35b72490ded2b7d1f", + "sourceRecordsHash": "4b4935a69b738c2a9be0067b34f4b58baaad1a5ed89d5622f73e54e5cca7e6f8", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9526a5b2284ad5bb22c88c5c", + "humanNextAction": "homologar rota administrativa consulta para docs/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "gestor_operacional", + "routeId": "docs.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1093c838ad3606d8b2369fd20004eb68838cfded8632fe4cb3ffe44fd448d0eb", + "sourceRecordsHash": "9526a5b2284ad5bb22c88c5c529b4d9e7009f0c97d2136739af7af10ae684d49", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d1b18664677146e54259337f", + "humanNextAction": "homologar rota administrativa diagnostico para docs/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "gestor_operacional", + "routeId": "docs.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "01153a6ae5ae970d01074a75362b47f20be19e9ab2c623ba593dc6a61e25936e", + "sourceRecordsHash": "d1b18664677146e54259337fd8b3f06a03db9fabfcab3a8fabd681dbc3a9afa8", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-3e6c28d4102456c4c4c17b12", + "humanNextAction": "homologar rota administrativa explicacao para docs/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "gestor_operacional", + "routeId": "docs.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c9fc404f352c7351275b6ab65ae608ed4882a6770584d8e35708c09053d68876", + "sourceRecordsHash": "3e6c28d4102456c4c4c17b12bf873f1c65e73bc0454103a2679771bb36ea726e", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-50cfb7ba141c7c3fe5dfaac8", + "humanNextAction": "homologar rota administrativa acao para docs/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "juridico", + "routeId": "docs.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "5660c5e5eb26ebfc110e548402a6285c801cb070d36770f9b61291dee747e8bf", + "sourceRecordsHash": "50cfb7ba141c7c3fe5dfaac869947fc7549b09ea383aa257aa83943479214f33", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-936945b085492100eb39b161", + "humanNextAction": "homologar rota administrativa auditoria para docs/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "juridico", + "routeId": "docs.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1fc1421272a64466671b526e4009e20232abf4fa0b4ee7053d4a43c2c94eb7bf", + "sourceRecordsHash": "936945b085492100eb39b161d7c90e5d62fcdecee4860290ec86de115af812c6", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ff1b6e665019433e90f89703", + "humanNextAction": "homologar rota administrativa consulta para docs/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "juridico", + "routeId": "docs.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "8370aa8702d7da7418a8d05e256a55b03de125d68fd2c95e4ede22bb030509f1", + "sourceRecordsHash": "ff1b6e665019433e90f8970312cfd4cb84f9a398a7ab6ecdf93cd30c9615cbd5", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8f39fb7c8e2a0a5e64899184", + "humanNextAction": "homologar rota administrativa diagnostico para docs/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "juridico", + "routeId": "docs.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d241d3bc6d918f1c1b00700cd500d230011b1c731584790dd50655e24194332c", + "sourceRecordsHash": "8f39fb7c8e2a0a5e64899184ef98b0d3ecfd548bcf8735bee4aaacbdd3bd7afd", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-7c971e0b11f4de780e337b20", + "humanNextAction": "homologar rota administrativa explicacao para docs/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "juridico", + "routeId": "docs.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "02f751eeb3f4fae24728af6a44666375a19419e18f806cc24d326dde2578ea3a", + "sourceRecordsHash": "7c971e0b11f4de780e337b20a1d00ee185da2c4ba61287bcb15c8aefdedaf22e", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-735be2e45e8c23c5fe4b141e", + "humanNextAction": "homologar rota administrativa acao para docs/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "planejamento_estrategico", + "routeId": "docs.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "cc645931650000364886d745ab6f2e58f0f561df4066101d7586bba13c7fbd0f", + "sourceRecordsHash": "735be2e45e8c23c5fe4b141eb89cbbf25501c8ea8b0f09753c57ab02bb45487d", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-229234188a3c8d1b6d1a3e47", + "humanNextAction": "homologar rota administrativa auditoria para docs/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "planejamento_estrategico", + "routeId": "docs.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "bb27866912a408a2565b601e4ef3686c66727c31696df87c854fa63434a17dac", + "sourceRecordsHash": "229234188a3c8d1b6d1a3e4739d131890e83344dee04f7072e42d2fe5887b320", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-34fd3dac4f4b60b2a0fd98b1", + "humanNextAction": "homologar rota administrativa consulta para docs/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "planejamento_estrategico", + "routeId": "docs.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "219e91dfe9c89d327f4abc12d1341d9bccccd1841a2987eb2fb381ae35f285f6", + "sourceRecordsHash": "34fd3dac4f4b60b2a0fd98b16e46217c7e2666d463d7eae9997394afe6903ee3", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f8cc3dfe95b031376ffada32", + "humanNextAction": "homologar rota administrativa diagnostico para docs/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "planejamento_estrategico", + "routeId": "docs.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6302dc7350f5b996cda69e88df9c93b6413e983a1a7b393ccf48d23d7d5a8840", + "sourceRecordsHash": "f8cc3dfe95b031376ffada321b0f717a11e8678b8f2a1a7980e8a90f6b4ef622", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-70489882ca4c9756f7e1ac67", + "humanNextAction": "homologar rota administrativa explicacao para docs/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "planejamento_estrategico", + "routeId": "docs.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2cf52e76eb999ad6ddf4210bc75018eec19b09454d65a312d4eb20d2631f43f5", + "sourceRecordsHash": "70489882ca4c9756f7e1ac67560453a8808a7f41a64446c80777a3270e17e362", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-6b045129a059adbffe57ef0b", + "humanNextAction": "homologar rota administrativa acao para docs/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "secretaria", + "routeId": "docs.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "b6b0e14c728100c98ffd6c7d72f72fcd6a5d05d9d26dc73989c90782a1102773", + "sourceRecordsHash": "6b045129a059adbffe57ef0b32199e0c30a9db9a6479e19a2907bd2f2181abdc", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b186e63f8b05e7c023fa2282", + "humanNextAction": "homologar rota administrativa auditoria para docs/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "secretaria", + "routeId": "docs.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "06fae23600d0d8b222bbdcef3efcfd0be612358e594db90ab869c137e5bd4b47", + "sourceRecordsHash": "b186e63f8b05e7c023fa22821e72743beff9352f2aa941ca8940cc8900f2b300", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-58a034366677b0414fd430c6", + "humanNextAction": "homologar rota administrativa consulta para docs/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "secretaria", + "routeId": "docs.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e79aef0d2be1b69b6789699d9e8509165b44262de1de92553631d97e91f36efe", + "sourceRecordsHash": "58a034366677b0414fd430c659cca4773706f444377776b2fad8b3ec00edd6e9", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f6fce1cefb9a943c703137c6", + "humanNextAction": "homologar rota administrativa diagnostico para docs/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "secretaria", + "routeId": "docs.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8c937f6c078cdffdef8786b24ba5646f937d44c7c2d35e35d726f637124bc21c", + "sourceRecordsHash": "f6fce1cefb9a943c703137c68b5aad559fd6e76d2f429e72d1a01f18a2d4990f", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0d09ca758e0d3ab2ba5cfd6b", + "humanNextAction": "homologar rota administrativa explicacao para docs/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "secretaria", + "routeId": "docs.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "de1eff01fe214e20f0256d5204dbcc8810ad92e802af72c48dfceaf4af4ffb38", + "sourceRecordsHash": "0d09ca758e0d3ab2ba5cfd6b129568e62eac83958ce61b89c53b9efbfd25bc26", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c9a09bf7bce8d3d33437d2cc", + "humanNextAction": "homologar rota administrativa acao para docs/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "suporte", + "routeId": "docs.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ce119aba3bf63062e08de2cc92863249519a239a65c8a75e8f637bfdb91ffd89", + "sourceRecordsHash": "c9a09bf7bce8d3d33437d2cc92b6f23aa757671a02ecf4facc63a72b3e79a825", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-213670f82d95b62d4a262e7e", + "humanNextAction": "homologar rota administrativa auditoria para docs/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "suporte", + "routeId": "docs.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5d2d2da7f4d8ecefe803f66c5a2d7877220dc3a0fcfb41acb92021e399679185", + "sourceRecordsHash": "213670f82d95b62d4a262e7ed64e6c13b335c92a8a3e13327a95e073afabd172", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-11b1f7565fb6bf904abb32f6", + "humanNextAction": "homologar rota administrativa consulta para docs/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "suporte", + "routeId": "docs.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "42e53fdbcfad38583506286df22ff51356a1d3c6417432adecf8f8df070a5c7e", + "sourceRecordsHash": "11b1f7565fb6bf904abb32f647b161a2d31b3fc4591bfca3a23b4e356dcd4d53", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-5763dd2323a382f21ba15caa", + "humanNextAction": "homologar rota administrativa diagnostico para docs/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "suporte", + "routeId": "docs.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "24d529e1e09f1c939ef3b81a8251c167b556b5c4896346760770cec93c844e39", + "sourceRecordsHash": "5763dd2323a382f21ba15caa2e58c3074f648f9b0a9abe320b57311ab0b4d81a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1d9eaa2f127220ba329b6159", + "humanNextAction": "homologar rota administrativa explicacao para docs/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "suporte", + "routeId": "docs.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f77c97a58150287e93d0145201b51f1f2e5957efaa46ecb8dd28f88467091aae", + "sourceRecordsHash": "1d9eaa2f127220ba329b6159956a25f43f368b8a964795365e6a98243631589b", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a584cab7ba1b8e4d91ca9a5a", + "humanNextAction": "homologar rota administrativa acao para docs/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "tecnico", + "routeId": "docs.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1943cd8aee82b90eeaeb5199a8ba471111beb036004bcb35396de0a2cf8a8a2d", + "sourceRecordsHash": "a584cab7ba1b8e4d91ca9a5a44b6ed53ff7e354b36a6e324156cbe9948d6249b", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d5f04b4aa13463904c3bea82", + "humanNextAction": "homologar rota administrativa auditoria para docs/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "tecnico", + "routeId": "docs.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "3013899d83c3ab06bdaf2f158e3f2ef9e50533eb4799091a13f86e8f34b63291", + "sourceRecordsHash": "d5f04b4aa13463904c3bea82c54a2f59b7616b7fc7151b3a06f49bb9eeea3b17", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-a5b577fbe8193a3dd934acaa", + "humanNextAction": "homologar rota administrativa consulta para docs/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "tecnico", + "routeId": "docs.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f1aab25294dd1ba0874bbde7a9c6e91c2001dc226fc4a100652dd9eafeae77bc", + "sourceRecordsHash": "a5b577fbe8193a3dd934acaa845c87080515fc5107de5237ed2695141fee44a1", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-00d42e7f01430a491fbf0902", + "humanNextAction": "homologar rota administrativa diagnostico para docs/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "tecnico", + "routeId": "docs.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "31e89de30a8db4fe2108bf5037d1c0dd5cbda825a11df03b2a9fc33656995be4", + "sourceRecordsHash": "00d42e7f01430a491fbf090276d77eb5d161d2539613dab8d6a7e9a44dedf5ed", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-65ae021ccc43f608782efc48", + "humanNextAction": "homologar rota administrativa explicacao para docs/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "tecnico", + "routeId": "docs.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a119834cfa5c9dc1c56e0a6c341163634ec4162f2b857c8bfee9cdd9bf6d879d", + "sourceRecordsHash": "65ae021ccc43f608782efc48b0f914c09076d7ec263e6dc7aa305a00539919e3", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8bcb657d48af6a2f7b871020", + "humanNextAction": "homologar rota administrativa acao para docs/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "docs", + "profileId": "usuario_final", + "routeId": "docs.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "46379fce619c74733f58707d8ed73dcd5009384d574e77a66eaa68d57d5c6df2", + "sourceRecordsHash": "8bcb657d48af6a2f7b8710202a6d4a714cbff37a0ecee1f599099879274de53e", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-f3e782b85fb0de5428f11859", + "humanNextAction": "homologar rota administrativa auditoria para docs/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "docs", + "profileId": "usuario_final", + "routeId": "docs.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "a61a8654a44803b86d2e68ac22bef86e2edc61bbff729b55389dafec6a28a9ca", + "sourceRecordsHash": "f3e782b85fb0de5428f118590243c783da3c18c7224d10e47ae2e196ba0140c7", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-24ac307af503d971c52146d6", + "humanNextAction": "homologar rota administrativa consulta para docs/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "docs", + "profileId": "usuario_final", + "routeId": "docs.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "cf413f3773b3e7b8b055fa75d2973621d99e4731b4ab58deb894cd0c3e4285b4", + "sourceRecordsHash": "24ac307af503d971c52146d6bc68218c543068cbae56a0536081c7f155388854", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b49a1ebe140828953b79c4cf", + "humanNextAction": "homologar rota administrativa diagnostico para docs/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "docs", + "profileId": "usuario_final", + "routeId": "docs.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3627decce9370de13fc19e04a70c52e92bd7415303845ae007a3bd65fbf52729", + "sourceRecordsHash": "b49a1ebe140828953b79c4cfa2f3f83a3510d7f0b3b021491ed60dc128ba4382", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0cffb9e36a2dfd5fb617e512", + "humanNextAction": "homologar rota administrativa explicacao para docs/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "docs", + "profileId": "usuario_final", + "routeId": "docs.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9813cc74a4597dbcf5a5fc306a2d280c824f717b4256a8eff2864f85d1707ed6", + "sourceRecordsHash": "0cffb9e36a2dfd5fb617e5127cba817298e234e04db2cc8fb01f1bf54c963634", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-38902e4eff57593901a8c201", + "humanNextAction": "homologar rota administrativa acao para finance/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "administrador_empresa", + "routeId": "finance.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "16ad6568dccb3cbb019fa2753d5fdd453f64015c843b94f7e03e92f44553fe46", + "sourceRecordsHash": "38902e4eff57593901a8c201dc64d8a5316b26e7de6e147c8c788147c132b322", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-deb7ba20962e59fcb7793c88", + "humanNextAction": "homologar rota administrativa auditoria para finance/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "administrador_empresa", + "routeId": "finance.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "ff6d712bbcfd0c26874325f1d4c59ec59b8f2948b28830f175926f5b0c98fe74", + "sourceRecordsHash": "deb7ba20962e59fcb7793c8843dd09ab822c3f0e9c04e4dde0c399bffb23c8a2", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9a6e77daab5192e31e4af9b9", + "humanNextAction": "homologar rota administrativa consulta para finance/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "administrador_empresa", + "routeId": "finance.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "dca8346806a8948d1dcdfba34c740cff91ff64910616513bf70c23f1df9558d5", + "sourceRecordsHash": "9a6e77daab5192e31e4af9b98a835193f9136cebb02bdf0ce2d49244d4976700", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-2dd5d2f3c7844a92406b4652", + "humanNextAction": "homologar rota administrativa diagnostico para finance/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "administrador_empresa", + "routeId": "finance.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "664e5f7ceb54eb64880f486b0d7b3fa53b1d8e11b6c9b99d08ee49791a89e560", + "sourceRecordsHash": "2dd5d2f3c7844a92406b46523feb9f0018070ad6d66a7bff4a67da992f1f2f86", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-351a8a9d422c43c0aeb2979f", + "humanNextAction": "homologar rota administrativa explicacao para finance/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "administrador_empresa", + "routeId": "finance.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ab046d82ed4ae478832f61e797d7ae8f8d68a38a37f57ebae85d7d40d89b349e", + "sourceRecordsHash": "351a8a9d422c43c0aeb2979fb184bc1c4e6c7e4ffd6c92afd29132b405edb36a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0d0a3277784f1d9adffc2a38", + "humanNextAction": "homologar rota administrativa acao para finance/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "atendimento_cliente", + "routeId": "finance.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e2af87745fe09a6a0f56a0558676f4c0bdfca633ebd7a0961b35678109371dae", + "sourceRecordsHash": "0d0a3277784f1d9adffc2a38b9a4e90ecfedd22254a3e334851fcb040dd68cfc", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-353641ab2caf151f5ebcc94c", + "humanNextAction": "homologar rota administrativa auditoria para finance/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "atendimento_cliente", + "routeId": "finance.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "7837a4a520e21fe3ed86edf88b9b187d6a0d783196d79860c69eb05d2df64cb2", + "sourceRecordsHash": "353641ab2caf151f5ebcc94ca66a1be16ee757c4c21b057c5c5357ed4f857916", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7e3a182a520ab8d3c3c1fbe9", + "humanNextAction": "homologar rota administrativa consulta para finance/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "atendimento_cliente", + "routeId": "finance.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "cdc64fb1b25ee7b5813806ef2608ea3b904cc3e5647c3f9f8897b276dc190fa0", + "sourceRecordsHash": "7e3a182a520ab8d3c3c1fbe9692be7a03865a782d4b1cbfb6371041fb00c5457", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b062fef129fdd7c828e907cc", + "humanNextAction": "homologar rota administrativa diagnostico para finance/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "atendimento_cliente", + "routeId": "finance.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "47a65bb3cbfafa92f58213cb536128b72b76bb6f792390672bd3417e7a119222", + "sourceRecordsHash": "b062fef129fdd7c828e907cc1a4dd47cb71d1d843cbc390689aec7d379e3cf28", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-da0618e99186ef8d360b8e92", + "humanNextAction": "homologar rota administrativa explicacao para finance/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "atendimento_cliente", + "routeId": "finance.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "bb6524cf9e1018ea1b915d3975ec51ee4a3be1d3e0c17fc8cb02e81b88469eac", + "sourceRecordsHash": "da0618e99186ef8d360b8e929394abb6377c60c0e1a70c06cd9f1f64202b7de7", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b0f029500c5e6050bc75765e", + "humanNextAction": "homologar rota administrativa acao para finance/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "ceo", + "routeId": "finance.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7ebe0d7aa32c961f204c7103f2f58e4e45934e477e0be6a8f60fbaf3fb7d1bcc", + "sourceRecordsHash": "b0f029500c5e6050bc75765ebac11761936b0139d4a67ffd2922f968e754be10", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-697ffb03f7454d9ff8a037b3", + "humanNextAction": "homologar rota administrativa auditoria para finance/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "ceo", + "routeId": "finance.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "72328669431474a36b860efbd741f3a37df1dc0df8d67f01f86000474c5dd402", + "sourceRecordsHash": "697ffb03f7454d9ff8a037b3acba07234a68594ceccf6793e861c49cd5d0446b", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f75a3032a748c69a68b5cbbd", + "humanNextAction": "homologar rota administrativa consulta para finance/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "ceo", + "routeId": "finance.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "2e20f8eaeead8f65fa76211fd12a0bb16cceb5a24784a1730160193251e2c935", + "sourceRecordsHash": "f75a3032a748c69a68b5cbbd90b14d4297fd6c6e97edd2da386e3736b5c31f6f", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3c9d84570c7fec33e47c904b", + "humanNextAction": "homologar rota administrativa diagnostico para finance/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "ceo", + "routeId": "finance.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "7cf1418a83ae5adb0e29658491eb2647622152b420ceb414aaaef9e714bed794", + "sourceRecordsHash": "3c9d84570c7fec33e47c904be66dbf5d025373adc0a9b44689d537df9b7a27c9", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-ceb3a94c23c2414498977420", + "humanNextAction": "homologar rota administrativa explicacao para finance/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "ceo", + "routeId": "finance.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "44f118e83a323026b32c70296401757984970575784b70c07c15d6de8a44f732", + "sourceRecordsHash": "ceb3a94c23c2414498977420ffb494d88765b00a575046aae2d0cd1e700d5f4d", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e1b15666468dbbd8c38d70cd", + "humanNextAction": "homologar rota administrativa acao para finance/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "cliente_externo", + "routeId": "finance.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4ecc62d1921b3b9386c6c1d4971fbf59ee891c6b6eee15f8a501b311c7ae5aa6", + "sourceRecordsHash": "e1b15666468dbbd8c38d70cd0c8d28e6bb03fd5453608dc52bc96a0d84f357ae", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-090cd75846e11b869588172a", + "humanNextAction": "homologar rota administrativa auditoria para finance/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "cliente_externo", + "routeId": "finance.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "337b149b5a0f85c7a839ffee4e4db478b949f327d4e3da6a25d1afe4c10e21c0", + "sourceRecordsHash": "090cd75846e11b869588172a026eee7a55af3d95483798faa1ef3e03594d4af3", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-fd87637eca5bd07586c50ef7", + "humanNextAction": "homologar rota administrativa consulta para finance/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "cliente_externo", + "routeId": "finance.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "ef83689e2130ec04a3c047afb3614e74e80fa6f88c2f57499a8bb2b36db3d338", + "sourceRecordsHash": "fd87637eca5bd07586c50ef7f57306389814a9e11360557df569005ff5a2b0db", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ac6ed7bb4d06527a8ca04e38", + "humanNextAction": "homologar rota administrativa diagnostico para finance/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "cliente_externo", + "routeId": "finance.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f18b43bde1ae004da0acf02d3e7a4a5181990b97092c2e642aad22765b2d8a7a", + "sourceRecordsHash": "ac6ed7bb4d06527a8ca04e3846c145bfb5a0d9715161bd3d9419d3c74485b736", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-3d8066d09a087207ad6a1c7a", + "humanNextAction": "homologar rota administrativa explicacao para finance/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "cliente_externo", + "routeId": "finance.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "147a9d51d416274213011d8dab47b7a00b3c2938ed2f2c7624c163c120dbfb71", + "sourceRecordsHash": "3d8066d09a087207ad6a1c7ad2543c4c2f5ed60223dac4f8ed94a23d98403eac", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-41329b7474506cbe5ebecc8a", + "humanNextAction": "homologar rota administrativa acao para finance/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "contador", + "routeId": "finance.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a3a1ff5a2962391246e618ce5bdcf3066e0a1d69dd240fdfc3cd511224d21517", + "sourceRecordsHash": "41329b7474506cbe5ebecc8af091981927cad1c02eb47e2827c6ba63856ed3a8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3a14235f989b05929c8d0a8f", + "humanNextAction": "homologar rota administrativa auditoria para finance/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "contador", + "routeId": "finance.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "cb39a9a53bce8c24e88373e66c5993890003b29175bbb6922ad04bdde3eb1741", + "sourceRecordsHash": "3a14235f989b05929c8d0a8f8bed2f565143067bbb2cbd3933f8b555d17b0fe8", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8817e6bdde02179a1821eccf", + "humanNextAction": "homologar rota administrativa consulta para finance/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "contador", + "routeId": "finance.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "eee46fc109d79512925f2a9bfff9c5f1b982d1c278f767017d101d5209660171", + "sourceRecordsHash": "8817e6bdde02179a1821eccf56e10449708ac4c00eb45bf00584580cfa877c80", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f0ba115295cf2f186e840ec4", + "humanNextAction": "homologar rota administrativa diagnostico para finance/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "contador", + "routeId": "finance.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8352f4d7aa8feb697b5feb784677b98649265e60e3c2f8dc1bd2cccbbe7e0cb8", + "sourceRecordsHash": "f0ba115295cf2f186e840ec4501ea2e021f6945ce417ebb6cb7ae42aa37b9c93", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-988af97e2ac74be5a5016f6a", + "humanNextAction": "homologar rota administrativa explicacao para finance/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "contador", + "routeId": "finance.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e4fd6c0b5ae558a460e82fe648903d798fff2429f570e5715541442afe344f91", + "sourceRecordsHash": "988af97e2ac74be5a5016f6acf9be1d3e890affa0f6beb28f5403a205515ae0a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-603888ff917c998ab7788cad", + "humanNextAction": "homologar rota administrativa acao para finance/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "financeiro", + "routeId": "finance.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "231d2039810d14860c33a72e57ca051b5eed5c0272762bcf84a5cb1f13c54073", + "sourceRecordsHash": "603888ff917c998ab7788cada0d4982b319ea1016ec5d9de5b5ac04b48f01798", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c1790521c91ae78316586de0", + "humanNextAction": "homologar rota administrativa auditoria para finance/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "financeiro", + "routeId": "finance.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "28f7f70a3cf50bb46f631425049a3c1606a1f4626df7c5dabcbe5fc8ed41883f", + "sourceRecordsHash": "c1790521c91ae78316586de0a672dfd918526a1b8dd6333112ba376d0706cc88", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7d56d890416852a04849a881", + "humanNextAction": "homologar rota administrativa consulta para finance/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "financeiro", + "routeId": "finance.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "8e3d497070365caaa55149a3b02a1960f0b4bc906ce9c171ba8fac90b07057cf", + "sourceRecordsHash": "7d56d890416852a04849a8810b16c34dcd1fa6ebbf827217888c8402b8bb5ddd", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-96b68f4424163cdb35885e20", + "humanNextAction": "homologar rota administrativa diagnostico para finance/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "financeiro", + "routeId": "finance.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6c96aab6489e1cf8400c04add1dec8fc1300f75fdeb240f069122923323e3369", + "sourceRecordsHash": "96b68f4424163cdb35885e209d78caff32eff819daf3de4f8ebe864cb4d0239e", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-23df5150e457ad917e4cb78f", + "humanNextAction": "homologar rota administrativa explicacao para finance/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "financeiro", + "routeId": "finance.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ac44376293f0e8c083b9a22cad652cd32680611072c28e9cef01b78e332b831b", + "sourceRecordsHash": "23df5150e457ad917e4cb78f3d3e04f5bf5d85d396c772adae923c1743817a04", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2eb34ac9112184c12cc80546", + "humanNextAction": "homologar rota administrativa acao para finance/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "gestor_operacional", + "routeId": "finance.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d6b5225ecda26375337d7a0623cbdbe87e68e3a9af6a3ec1e3002c5ffcce705a", + "sourceRecordsHash": "2eb34ac9112184c12cc805461f41b198e62bc6d009853324c8b9afec920dc671", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-69839b0b197adcd6e60c754a", + "humanNextAction": "homologar rota administrativa auditoria para finance/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "gestor_operacional", + "routeId": "finance.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "2cde084905d9ea78339fcc576e1d9ecc3166c578ed01481e702859ee85f9e189", + "sourceRecordsHash": "69839b0b197adcd6e60c754aaddabae703ef62dd047068d3bb8f152b3ab942af", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-0571a7eadd1e98134bcbcf79", + "humanNextAction": "homologar rota administrativa consulta para finance/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "gestor_operacional", + "routeId": "finance.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f88f196b7e3257cdb20c0fcc8d44e9ca47c46730350ce92c1b85c9fd94bb99e4", + "sourceRecordsHash": "0571a7eadd1e98134bcbcf799db3adc4ff6a9107f7099f2c76b77850e32458a3", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-54809888a3460031f8541831", + "humanNextAction": "homologar rota administrativa diagnostico para finance/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "gestor_operacional", + "routeId": "finance.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e601f816a0eb3704e5cb9ddd8f3f01ae827e569a787dc63da39a1a0ec512af34", + "sourceRecordsHash": "54809888a3460031f85418316073d1f51d3e25ad3ce7c59a4b934f5ff406c87b", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-47af240fcd48eab9b045331e", + "humanNextAction": "homologar rota administrativa explicacao para finance/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "gestor_operacional", + "routeId": "finance.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "5005774800056934193ca20990725edfda7924fef7fb58ad7c40d51caefb4f8e", + "sourceRecordsHash": "47af240fcd48eab9b045331e4640b89fe4bc47a49d19fb9025c5faeef34ac64e", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b2e1458916b959d1ff847138", + "humanNextAction": "homologar rota administrativa acao para finance/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "juridico", + "routeId": "finance.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d92b69b00f9d8f9d21a59be5a43e13afad8adf6cbe44c54bb151debbc380450", + "sourceRecordsHash": "b2e1458916b959d1ff847138b8fe814832415ac5db93f01f2ee4e0196893b390", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-83792d100bc80ba926b5c7d1", + "humanNextAction": "homologar rota administrativa auditoria para finance/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "juridico", + "routeId": "finance.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b6eb5c2a648ae91d9b15ce8899529b0c34cf1c0a1acdf2147c1c998c25ea69c7", + "sourceRecordsHash": "83792d100bc80ba926b5c7d17da03e340e446b839f7da52a60ffa1bfb5f51285", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-457c071433c0c338a39cd9df", + "humanNextAction": "homologar rota administrativa consulta para finance/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "juridico", + "routeId": "finance.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "717491ba23a2ec3e81ffa4b52a75610ae6f6edf5a2e73fddeeeea03639321c31", + "sourceRecordsHash": "457c071433c0c338a39cd9df682c3e4525e3371af185a7783da3756e17f8210a", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f431d840d7d3e80103f8c6db", + "humanNextAction": "homologar rota administrativa diagnostico para finance/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "juridico", + "routeId": "finance.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3bc5329ef9353db32f54a7bfccff4622d608850d1f51266e3887abd9a8fd27c0", + "sourceRecordsHash": "f431d840d7d3e80103f8c6db3f6985ac3b970ed9935e47c6d2246ccd47ba0e6d", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a2b1aa81238ab845b8955f37", + "humanNextAction": "homologar rota administrativa explicacao para finance/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "juridico", + "routeId": "finance.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "96b2d66653b24c3282f3d3b3ca3381b664c058c691473ae455aabd53a74f6d31", + "sourceRecordsHash": "a2b1aa81238ab845b8955f3796c4012f998ba43c4019b25cf617c0a6635fe7e3", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a0fe9ba2943b1b65606a93eb", + "humanNextAction": "homologar rota administrativa acao para finance/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "planejamento_estrategico", + "routeId": "finance.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "af5f493d2c04e69aa4bd836db9dc5313063b73325b87d5b33b179fed5cbbdf9b", + "sourceRecordsHash": "a0fe9ba2943b1b65606a93eb2d6eea97fa0d47eede4fc2ca3784a247f4dcc4f7", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ceb1ab288edabeeb0a55623d", + "humanNextAction": "homologar rota administrativa auditoria para finance/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "planejamento_estrategico", + "routeId": "finance.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "a9bed5e81874ebfc527f081105492f5330cda22698b9546cff4993c2f42443ed", + "sourceRecordsHash": "ceb1ab288edabeeb0a55623db08633b6d054b52b545619f2692329e610471745", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ce253970562e379b130e24f9", + "humanNextAction": "homologar rota administrativa consulta para finance/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "planejamento_estrategico", + "routeId": "finance.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3c165fdb89d5b42d8322fcc8c8d7f144370b18e6e1e0b5d05f2c6549befe415f", + "sourceRecordsHash": "ce253970562e379b130e24f93f4f0503c6a1cce6fe92a4f03174182877e06581", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8200dbacc442a1f4fb96cd1f", + "humanNextAction": "homologar rota administrativa diagnostico para finance/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "planejamento_estrategico", + "routeId": "finance.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "795a727e88e25d9dace9b512294778c7dfbf8facb18753ed0cdc716a75ed03ee", + "sourceRecordsHash": "8200dbacc442a1f4fb96cd1fbe258f62b47d60024fc91ff7136f3d7d501d75c9", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-e326cb6a5147fd51dd1d6826", + "humanNextAction": "homologar rota administrativa explicacao para finance/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "planejamento_estrategico", + "routeId": "finance.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "40a8c3f257cd468c1bf28c5826ab1c62dd1097317cc2df1b70967215f50f7b60", + "sourceRecordsHash": "e326cb6a5147fd51dd1d6826c56e52963d491b8f6a45db942011e4dc3832a1c7", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ce7a53f10dcd05366e56159e", + "humanNextAction": "homologar rota administrativa acao para finance/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "secretaria", + "routeId": "finance.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c7faeb29578d3a7957c1756ae3c5b11fd9f039ea67a04f9c47aa1ca29783919d", + "sourceRecordsHash": "ce7a53f10dcd05366e56159e0db8a8183b96f8de32182ed7045a6ab1d50a4167", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9829a2731ae49252fcee349c", + "humanNextAction": "homologar rota administrativa auditoria para finance/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "secretaria", + "routeId": "finance.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "7888fa4418011dc767643a90e6cb0fddd41ef295a9f61db9f801b4252c8a790d", + "sourceRecordsHash": "9829a2731ae49252fcee349c0a10e56a48dcf034262875617ec7e63c6214ebb2", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-e27c2a9251dc1713b8173327", + "humanNextAction": "homologar rota administrativa consulta para finance/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "secretaria", + "routeId": "finance.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "18630400fc9bcb8a5a1b962f93a3f287bf1e25d21807fffb3b26c09ef0847154", + "sourceRecordsHash": "e27c2a9251dc1713b8173327d0a65353a671d817ad23c252261ea2b0961c262a", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a4c63d4977fe22b3772ec4f6", + "humanNextAction": "homologar rota administrativa diagnostico para finance/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "secretaria", + "routeId": "finance.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "34846f2659593dfee6225da4534370f59229ea1de779beccdcc0f5250ee89973", + "sourceRecordsHash": "a4c63d4977fe22b3772ec4f678b4b252e9e2d73e2ca71808cdc75c69071c2bda", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8ace6757a71bb1fb14bb2b38", + "humanNextAction": "homologar rota administrativa explicacao para finance/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "secretaria", + "routeId": "finance.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "66c40e49a63d466534281e42a651e3df2e4e2644e7d98f5dc5c7658ba5e3c3d8", + "sourceRecordsHash": "8ace6757a71bb1fb14bb2b388cb96794e67c5833e2173585cb283a74cd2f58ae", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b263c51956b1a9eaef37b60b", + "humanNextAction": "homologar rota administrativa acao para finance/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "suporte", + "routeId": "finance.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "55e773640e2f21441073982fa3f6cf33ab435c2c1b00a3d16b7b5421fd240e06", + "sourceRecordsHash": "b263c51956b1a9eaef37b60b06ccf8f916c4015d4c4f5de3bc3b55f13626a903", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e6bbd6aa060b8937aa4fa474", + "humanNextAction": "homologar rota administrativa auditoria para finance/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "suporte", + "routeId": "finance.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0bfb2aee3e5d7f913eddfc085a7b8f5475d863726694cbacdeb96afb20979dc6", + "sourceRecordsHash": "e6bbd6aa060b8937aa4fa4745637c2a61d51bd93772ead10e1e347a8b0ffef74", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-a3452f5c1e09acd5973c6d81", + "humanNextAction": "homologar rota administrativa consulta para finance/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "suporte", + "routeId": "finance.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "7b0d7fc377041e539be643e0e390e59cc85eea42a17c41c776c3bc1cb77e70ab", + "sourceRecordsHash": "a3452f5c1e09acd5973c6d816f94011cb0e502f694c57e51b0044fe2b5e20c77", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-45093649610a663096f57e67", + "humanNextAction": "homologar rota administrativa diagnostico para finance/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "suporte", + "routeId": "finance.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "775cb51c20ca7ba53de486f6d1bce7ba2db551e32d2f5a62c4dbbfe956bf8819", + "sourceRecordsHash": "45093649610a663096f57e672f47c3a18a0ca701aef8a3bfd64ad8cc8a391ead", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0b6322d10a432869b8772b21", + "humanNextAction": "homologar rota administrativa explicacao para finance/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "suporte", + "routeId": "finance.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "892cca62f5984d65c5eb490da24dd51e098698e70d625ecda0ceb7b07c8a2395", + "sourceRecordsHash": "0b6322d10a432869b8772b21fbf1500cf23c5af43a99755384f45f4adfee5e2a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-efef18c33067274c5f1198a2", + "humanNextAction": "homologar rota administrativa acao para finance/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "tecnico", + "routeId": "finance.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8581c5554349872d70cfce032b318e3ab48a374d3849bf7a66952e4ba1f2555e", + "sourceRecordsHash": "efef18c33067274c5f1198a2105cd497b039defca3daebe9a81a86e016513e3d", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8a48b93ae3ca4327bf894b35", + "humanNextAction": "homologar rota administrativa auditoria para finance/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "tecnico", + "routeId": "finance.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "59a7f605c549aa0222fc885238649b3d978c0cb72585d53b57cbfeecaa37a97a", + "sourceRecordsHash": "8a48b93ae3ca4327bf894b352771b2b74aec0dd03f7601201c2ee269cde6fd3f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-09e2e914611744e4e46b565e", + "humanNextAction": "homologar rota administrativa consulta para finance/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "tecnico", + "routeId": "finance.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c40d6a7c5846f389cb8acd75b3601000af8146ae10077cdc7c07b0ec9f97ec69", + "sourceRecordsHash": "09e2e914611744e4e46b565eb3f3ff807ee4ad725fbafdda759bebbc09b5f0cb", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8b3420d0b708f9bac5601b8c", + "humanNextAction": "homologar rota administrativa diagnostico para finance/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "tecnico", + "routeId": "finance.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "bf05c2457e35642e3be143a5c4906b6e8df803fc796917e324dace90ec0e278b", + "sourceRecordsHash": "8b3420d0b708f9bac5601b8c5a51f769abc8caae95f7718e8c1a19637fa25ce8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-cc09e762712126e2330f7deb", + "humanNextAction": "homologar rota administrativa explicacao para finance/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "tecnico", + "routeId": "finance.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a071f4cf1fd533c293333f6ce1861168c96df139e312a940045ea26a1a3d5d9d", + "sourceRecordsHash": "cc09e762712126e2330f7deb532957bcd41481a504d118a77a10aaad43a2edac", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dc219e8fe7c91a700dd08f14", + "humanNextAction": "homologar rota administrativa acao para finance/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "finance", + "profileId": "usuario_final", + "routeId": "finance.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0fd81e1df2527f16a47b6bc058ad05cc8f4763b10899c62d07f4671aa52e4504", + "sourceRecordsHash": "dc219e8fe7c91a700dd08f141b3067d7491872e821bad507cb95bfc1703bcbef", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-33380d9bc5049dc78447e5a5", + "humanNextAction": "homologar rota administrativa auditoria para finance/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "finance", + "profileId": "usuario_final", + "routeId": "finance.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f318f6ac626fc80097acc985b6459af2897e7e43404ae552cb6243356bbfb26e", + "sourceRecordsHash": "33380d9bc5049dc78447e5a5798998b8fa7eb9d208ee3c060ab461fcb77ca817", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-084a97c6a14d8d64739d15fe", + "humanNextAction": "homologar rota administrativa consulta para finance/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "finance", + "profileId": "usuario_final", + "routeId": "finance.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "856ba9b29b6f9e6ab834da2b169594d622aa49105fdd6e6979c875838f5a955f", + "sourceRecordsHash": "084a97c6a14d8d64739d15fe4a185973d32a8b39f3e247c001608fb72b6771c1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b5854aada4824a27d8cd5eb0", + "humanNextAction": "homologar rota administrativa diagnostico para finance/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "finance", + "profileId": "usuario_final", + "routeId": "finance.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "026fea7317f25ba876fc226de6b2c92a72c72e7cafef8e7006db4953c98370bb", + "sourceRecordsHash": "b5854aada4824a27d8cd5eb00f73c54ef809eac3a82fcaa3878b88b67b9d58e2", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1b62b7f73aab864facc887b3", + "humanNextAction": "homologar rota administrativa explicacao para finance/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "finance", + "profileId": "usuario_final", + "routeId": "finance.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "dad9c3cff2ab07cc11f32948ca07942fa264bc6b5eb1bdd4755061f3c72dfed0", + "sourceRecordsHash": "1b62b7f73aab864facc887b36997be7555b21602b5d2e5710c60979f99e370b5", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-25b7416e2574bbceb5c7c8f2", + "humanNextAction": "homologar rota administrativa acao para gettys/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "administrador_empresa", + "routeId": "gettys.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "73884f8203109b5d8b6d9f7f0bf3a0d85c696043d938f71e3b5890b87ade1131", + "sourceRecordsHash": "25b7416e2574bbceb5c7c8f2b3522c30ab4af4d9b686efa5318bfc3fd665de56", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ff74c58a6d6f5a0bc49209eb", + "humanNextAction": "homologar rota administrativa auditoria para gettys/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "administrador_empresa", + "routeId": "gettys.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fb770024a98f9fbf149dd42a5e2cf11a811d886dbed7751615b7009da0e43398", + "sourceRecordsHash": "ff74c58a6d6f5a0bc49209ebff91c04b249eb03cff8007ea5e4aed6a7fe41c58", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2452ebaa3195fd63ddc718a0", + "humanNextAction": "homologar rota administrativa consulta para gettys/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "administrador_empresa", + "routeId": "gettys.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "bca9482e609ef1178a45bf9bd6047bfd8ef2bfcdc3cdb0ce57176baba5bd8b9a", + "sourceRecordsHash": "2452ebaa3195fd63ddc718a000782b78454a30d97e2f50a94247e110d102ad37", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-68672253cc0b3388a101a0a6", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "administrador_empresa", + "routeId": "gettys.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "40b2f88b270eab47232708f4b507f923b01b69fc2b394490074a49cb6806dbd3", + "sourceRecordsHash": "68672253cc0b3388a101a0a6acfba78151c48427b453aaacd9bf4d1f9556f0a2", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d891f54c46914bded1d9791b", + "humanNextAction": "homologar rota administrativa explicacao para gettys/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "administrador_empresa", + "routeId": "gettys.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "40aac18c595793c1cc5d1af9359ef7c4a42ceae1a18ba323823b10d2cee407f1", + "sourceRecordsHash": "d891f54c46914bded1d9791be1d5fdcd64fa2be548e9574ce25a5aa0ee7228c5", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-30cd60a35dde3f005728874c", + "humanNextAction": "homologar rota administrativa acao para gettys/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "atendimento_cliente", + "routeId": "gettys.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "b3b3d86f8f79952b3e2bf0902b3e12f2974064d9e544ca484a6522e7b919cdd5", + "sourceRecordsHash": "30cd60a35dde3f005728874c822cb4f3eeee68d55a841b265c10cfe1c3301da7", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b4af1499c0ec134c58f39de9", + "humanNextAction": "homologar rota administrativa auditoria para gettys/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "atendimento_cliente", + "routeId": "gettys.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d48d60a4115028e34f3d1b147b838211c8b03c3ef3567bab32d57b19414551c4", + "sourceRecordsHash": "b4af1499c0ec134c58f39de97c858d916435769884cd02c6e952cb0c13d6f174", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b006a2171a6ca1b949224bf5", + "humanNextAction": "homologar rota administrativa consulta para gettys/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "atendimento_cliente", + "routeId": "gettys.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a064aec3c1c7cd44c81161126564141887483957de858afe98faca563f836b46", + "sourceRecordsHash": "b006a2171a6ca1b949224bf5a9725a77fe8e6199072e7706665b2642054a7ddb", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-393be80f0887c3eb2b0b9bf4", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "atendimento_cliente", + "routeId": "gettys.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0de15fb6b5a8e226597b78953438b0088ccd710e2fe0deab5583e8ab5ad766a8", + "sourceRecordsHash": "393be80f0887c3eb2b0b9bf4ce857842cd31208530bc8e8ee3c14cef50e9f511", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-df6b51cb66d6324a08a1b0b9", + "humanNextAction": "homologar rota administrativa explicacao para gettys/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "atendimento_cliente", + "routeId": "gettys.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6b9ca4caaa21177b6bcc38530e4a0d13a97bb2e1a389916d619ab57cc3129dc9", + "sourceRecordsHash": "df6b51cb66d6324a08a1b0b9db8e1ee47d33ba87c4cd4f60dc1434e11b4c9866", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8c1d8133cc6af11a0de95db8", + "humanNextAction": "homologar rota administrativa acao para gettys/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "ceo", + "routeId": "gettys.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d4abb1114936ab5ff630730b1e95befa2d79f98b72c1557bd70250c5f16eff29", + "sourceRecordsHash": "8c1d8133cc6af11a0de95db80e6fa2c2ac31bc5fd199ce256cf0fe7fc983425a", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d764bd0a538462b80ff313c0", + "humanNextAction": "homologar rota administrativa auditoria para gettys/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "ceo", + "routeId": "gettys.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4c5ff8be8ecdf3f9ac3b54d5b4aa7b4e963abd054828732802fb87f179cdf6a9", + "sourceRecordsHash": "d764bd0a538462b80ff313c0622b7f915a115260faa6428770a17c7d82d00e1b", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-90099d4f150347ab1f7a1128", + "humanNextAction": "homologar rota administrativa consulta para gettys/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "ceo", + "routeId": "gettys.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "450391e0265508f0a8dbf8e7836f7c2bf6c88f0708e6f95ef068201fe549be69", + "sourceRecordsHash": "90099d4f150347ab1f7a1128d313a39d6471ce7c7b31c1cc8e42eec9306efaf0", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f670f009d44a31f9367a1c35", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "ceo", + "routeId": "gettys.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1989053940bd8ca50a404f55b6714eb870ee2d550856fb8b61fed77d529c3d5a", + "sourceRecordsHash": "f670f009d44a31f9367a1c35015c4c41e4fb62571868e164091a599347890585", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f38e635c9b171aa6e9f48583", + "humanNextAction": "homologar rota administrativa explicacao para gettys/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "ceo", + "routeId": "gettys.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "62b4f126389cef041678548dae37cd11a7a4a2f154cc0e10a92979e7cad95619", + "sourceRecordsHash": "f38e635c9b171aa6e9f4858378576fe2738372e9bd2757808ec6e34ec59c4ab2", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-48fac947a1a18353889ba989", + "humanNextAction": "homologar rota administrativa acao para gettys/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "cliente_externo", + "routeId": "gettys.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "fcc95a4552a35ecc94394ea2ccb97da9b2c27fb549b939e7a9d8be61a4ac8f34", + "sourceRecordsHash": "48fac947a1a18353889ba98911d0d21b9654bb272a111f9c4451f491378276f2", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-77a25dc530c30a399322d0b1", + "humanNextAction": "homologar rota administrativa auditoria para gettys/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "cliente_externo", + "routeId": "gettys.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5b3d23d639d12e401c190beb6405635bae800c5c2dadb4d33b5f868f56ff6f32", + "sourceRecordsHash": "77a25dc530c30a399322d0b117e10c888df18b669b9ce9ee98c59c25867ad7aa", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-909a322dbfeadd376e71a50e", + "humanNextAction": "homologar rota administrativa consulta para gettys/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "cliente_externo", + "routeId": "gettys.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "2ffd52aa564e41d6bf218cdc193bce2d24fa949fd19ed891b3652ef69dc3cf4c", + "sourceRecordsHash": "909a322dbfeadd376e71a50e065bb1b9fb218b37b210658680bff5f29cdf3d88", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d720b747299e81faaeb40e3b", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "cliente_externo", + "routeId": "gettys.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b63ad7abb62d4e93e7d880e6f60e27a814b50d95f64e40ee5f9d926873cdb1ea", + "sourceRecordsHash": "d720b747299e81faaeb40e3b1863c1092f4bcd65a604333b797eb9980ffeb2eb", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-44d20caa2104bb53f85abc9c", + "humanNextAction": "homologar rota administrativa explicacao para gettys/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "cliente_externo", + "routeId": "gettys.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9900e0a7a7a1ef07c1a0fc5a0454a3e155b7bec106cc3c9c113f4568ab4318c1", + "sourceRecordsHash": "44d20caa2104bb53f85abc9cfb8a1a2847758313faba8dd9ee3835efe4f8d43c", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9c8287168a83e0a06a185ac1", + "humanNextAction": "homologar rota administrativa acao para gettys/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "contador", + "routeId": "gettys.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7432f1a7f241728218a9de7fb926682642e5f3671fbcffaf766fe964ec05bab0", + "sourceRecordsHash": "9c8287168a83e0a06a185ac1acfeb38e5b76aceddd36d9fa90acd7a19eb122f6", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-858d0225bcc2f5b81d879b2c", + "humanNextAction": "homologar rota administrativa auditoria para gettys/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "contador", + "routeId": "gettys.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "73e718cddc2884d58b9b6d4fe4f93fdb83e793958c96e1a876305450de274d89", + "sourceRecordsHash": "858d0225bcc2f5b81d879b2cce8a82f591cbe4c1252d38bfd705eb7efe74d0a8", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-58a42bb0f859a78d3c92c55c", + "humanNextAction": "homologar rota administrativa consulta para gettys/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "contador", + "routeId": "gettys.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e4a1618a823e27c8223a3046619672331b8dbe1f924f4510fb0d02cee5aaa96e", + "sourceRecordsHash": "58a42bb0f859a78d3c92c55c615bca189706344639a535674872c1449ad1b037", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0841d0af5e756992c9fe0a21", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "contador", + "routeId": "gettys.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "2dc33f44a4c71919f94292838fc8b4edd986f7da13fe8112c58de59b4e569610", + "sourceRecordsHash": "0841d0af5e756992c9fe0a21d59e78af44b701e1c518a0f8b6d19ddf97727b84", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-9cddf320d13b9530dd1365bf", + "humanNextAction": "homologar rota administrativa explicacao para gettys/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "contador", + "routeId": "gettys.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "07fb26448820f9292f80c879b1748b7073c94f82798d1449f43d87e7a298b4cd", + "sourceRecordsHash": "9cddf320d13b9530dd1365bf52a1284a37eab4b0a8c41472ff8701e8105d6875", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-77c66f38f0b242222af855e6", + "humanNextAction": "homologar rota administrativa acao para gettys/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "financeiro", + "routeId": "gettys.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f330a1be0cbeaffe860cec4565ac23c50a45c33a3e677f2ce391f59994b2bc74", + "sourceRecordsHash": "77c66f38f0b242222af855e689b2bdb6198cbf7bb00dbb7e8973517f725396c1", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6f579d768636a7e561843b1d", + "humanNextAction": "homologar rota administrativa auditoria para gettys/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "financeiro", + "routeId": "gettys.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "6a467239fd1a9940203291226c4e873bac7ea0699d9ae627424071033b4742e1", + "sourceRecordsHash": "6f579d768636a7e561843b1d0da1a1b58b5712569de7eb893d753ee7c17e8249", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5458cf34c8bc5cda65cbf35a", + "humanNextAction": "homologar rota administrativa consulta para gettys/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "financeiro", + "routeId": "gettys.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "cb0263f7f0b241d5985a0fe27ee008b66b2441dc89c8e2d9ba3fc16cf4bce77c", + "sourceRecordsHash": "5458cf34c8bc5cda65cbf35abca89daa891e21b2ee2a0d0c1d61371ca66d3867", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e6dca188c8549cca4d50925b", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "financeiro", + "routeId": "gettys.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "a8273806beacc9c416ccd5145c934ab021f0ea351a168c4b5be5bbcbf2bb9e0f", + "sourceRecordsHash": "e6dca188c8549cca4d50925bcebcbae23254dd4b36b2d9831beba1db80697186", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a8afb10492fca8704c80ab35", + "humanNextAction": "homologar rota administrativa explicacao para gettys/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "financeiro", + "routeId": "gettys.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4b2570d4b14a3f13ec7931325fffdd10e16d3cea6cc5d541c5dd9f3a055634ed", + "sourceRecordsHash": "a8afb10492fca8704c80ab356a4e149bc58976b902739379983ee1753f88b94d", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2a070552dce678eab3912dee", + "humanNextAction": "homologar rota administrativa acao para gettys/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "gestor_operacional", + "routeId": "gettys.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e51bdf3db30ed55b4f4dd8829ce663723aa7fff862d02cf8bf078304f27d710e", + "sourceRecordsHash": "2a070552dce678eab3912dee9135e0f2832ca2077e9a1ff22432b02042c39480", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3d95b5a6c8e609db696cf58f", + "humanNextAction": "homologar rota administrativa auditoria para gettys/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "gestor_operacional", + "routeId": "gettys.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f11504eac6998eb6e4c697caf9f8fb591d5629f9cf4febea0c019c179d120455", + "sourceRecordsHash": "3d95b5a6c8e609db696cf58f05c9e09860b9390ed1f0ede1561940ba83c8619b", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d604572e1cc2563442bdcad1", + "humanNextAction": "homologar rota administrativa consulta para gettys/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "gestor_operacional", + "routeId": "gettys.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3b8bdc84157c8686687b15bb1e48a22fee120e55f16d7ae36a5f342050f17c92", + "sourceRecordsHash": "d604572e1cc2563442bdcad163bf1f03b58bbccb11d319ccc4b5c7ba296d95fe", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3b501230522c68b7ab9776fd", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "gestor_operacional", + "routeId": "gettys.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ff28782256e8898991c17b39c23beb4d815093bc60890711eab04b81ef5cf311", + "sourceRecordsHash": "3b501230522c68b7ab9776fdec96e44ae9c1e0fa39f807738b173cee2a169c38", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-df3bf3f914060604b4e92fb1", + "humanNextAction": "homologar rota administrativa explicacao para gettys/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "gestor_operacional", + "routeId": "gettys.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "04b2899e2f9662d19dcc44754a97dc77e4e794e7d446bcc112eb283335d16342", + "sourceRecordsHash": "df3bf3f914060604b4e92fb17360195ff1c0269b90f7a716a745a9be5ed18a43", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d5231e50701c671e4d043627", + "humanNextAction": "homologar rota administrativa acao para gettys/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "juridico", + "routeId": "gettys.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "10919ca030fbcc68ac627de8970799b3b7a9bf94ecdc88d1fdc03ac48d4ee8bf", + "sourceRecordsHash": "d5231e50701c671e4d043627b040b8650f4af61efbe113b3779718a0f92394b4", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-f768c488ce1329af74f361fa", + "humanNextAction": "homologar rota administrativa auditoria para gettys/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "juridico", + "routeId": "gettys.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fccb1f34ad39661549faf088ff7f494611e2253025429d5cf207a6a176bfffbf", + "sourceRecordsHash": "f768c488ce1329af74f361fa5f8cf84f817db95454acf85e4d7560e9a1bf929e", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-09402766b27474133cb6ca15", + "humanNextAction": "homologar rota administrativa consulta para gettys/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "juridico", + "routeId": "gettys.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "71b2b2a31891fd45638fecfd04b62d449501891d0a14cf47b8765c976cd0b9be", + "sourceRecordsHash": "09402766b27474133cb6ca1510fb8d526f0b39f944b659e70ab0db1a87ffd3e7", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-77bdfd2d05d143e1b43c89cc", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "juridico", + "routeId": "gettys.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "84e1b158467375880562bd9ee36ef6875fea5552dd78205660dca4591ba19017", + "sourceRecordsHash": "77bdfd2d05d143e1b43c89cc6d0cd33870fb29bf09a237eae5034a4ac70dcbd5", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-795fdd3477daec12bf268df9", + "humanNextAction": "homologar rota administrativa explicacao para gettys/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "juridico", + "routeId": "gettys.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4dbe1ab96f780403f9417881fcb9866434036d466f27aa6e20dbcc0251fa872e", + "sourceRecordsHash": "795fdd3477daec12bf268df91ff579e4d3d96f490210669563b30d0061bc39dc", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-38d829bf8550a00297414ef0", + "humanNextAction": "homologar rota administrativa acao para gettys/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "planejamento_estrategico", + "routeId": "gettys.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3daebec6e75155039b95594a9decf973529730588e52f2bac392cdb23f3a6e34", + "sourceRecordsHash": "38d829bf8550a00297414ef0d0acb8c0d04e402d42e41ab1ec6874dc4b724958", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-bf3d234661f4c32f547a3da9", + "humanNextAction": "homologar rota administrativa auditoria para gettys/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "planejamento_estrategico", + "routeId": "gettys.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "97d7fc9c512a3e8c1bbfe6a95b06125de1c7a5f7876d712391fc86dfc791baf2", + "sourceRecordsHash": "bf3d234661f4c32f547a3da930051be149ba82114c4478ee585d93041a57a496", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-011d3e870dad6a663d57a406", + "humanNextAction": "homologar rota administrativa consulta para gettys/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "planejamento_estrategico", + "routeId": "gettys.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "215e70a31bd3a7fe59f8fe6c26e607e38885aca4f131195cda86df95fffad271", + "sourceRecordsHash": "011d3e870dad6a663d57a4062c79d65465e2ea96ebe7a89b25a4e6591405694f", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c3dac11f099c50f56cbd5d41", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "planejamento_estrategico", + "routeId": "gettys.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "779093e9aec502d2939a7fdc4fc7334344a2de76e970c760119175d620649f0d", + "sourceRecordsHash": "c3dac11f099c50f56cbd5d41219dd058fba77c7ed6ab26008b78fb64dddcfc7c", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-04414f3a32615914131cdfe7", + "humanNextAction": "homologar rota administrativa explicacao para gettys/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "planejamento_estrategico", + "routeId": "gettys.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6381d75cdc7de80c504035fa7b8f908753de6932da38afbdc0a3f20920bd9f8c", + "sourceRecordsHash": "04414f3a32615914131cdfe7c119368ef2ffc3992752bc0a51d5c6190d1e41ae", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-94327b22b2779d5bff7e34ed", + "humanNextAction": "homologar rota administrativa acao para gettys/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "secretaria", + "routeId": "gettys.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6fb6862b99bc96bea339eeb8cc1e08af84b6fbec6865db326a331c965298e06e", + "sourceRecordsHash": "94327b22b2779d5bff7e34edba1c334cf5f18c2dc1fa9459e7558bf802acb180", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e5ccd903b386e7f6092a222f", + "humanNextAction": "homologar rota administrativa auditoria para gettys/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "secretaria", + "routeId": "gettys.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b7edf141f565f617cd99dec34a159d2f18c8d676ba8a3d3d2d77ad64293d1a68", + "sourceRecordsHash": "e5ccd903b386e7f6092a222fe6588f1c9dccde4df0068e1c52817275cdc1d83a", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f5eeb9ab56584cedf7a791b7", + "humanNextAction": "homologar rota administrativa consulta para gettys/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "secretaria", + "routeId": "gettys.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "233f6e61ac88f594dc17c515d8bc3954d83311311a2b07165c7cb5704f3127c2", + "sourceRecordsHash": "f5eeb9ab56584cedf7a791b7480efb40df9508613990ffd1113de32b8e33ed64", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-58032198566c033b5de75fbb", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "secretaria", + "routeId": "gettys.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "a981fd16bd6be989f9ecd421c2d5df3248ed81b296f66ebb167745f9de11282f", + "sourceRecordsHash": "58032198566c033b5de75fbb55dc3d57f1522092b3cb83bea7ff6b3d0f8761dc", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-df0a5ae289519c87f07728c4", + "humanNextAction": "homologar rota administrativa explicacao para gettys/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "secretaria", + "routeId": "gettys.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "729aa9243edc868c69bc2f2ecb385b414562ad8a27cf5c802c57cfdf32a51adb", + "sourceRecordsHash": "df0a5ae289519c87f07728c4ea2f1d12dcd1e93985bcfb1542f346c37bf67942", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1fa8898366720c482f82fff7", + "humanNextAction": "homologar rota administrativa acao para gettys/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "suporte", + "routeId": "gettys.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6318dc03222f2864130a37a7bdd48e8c61f9b020a37a4841b7da10e5fbef3ec9", + "sourceRecordsHash": "1fa8898366720c482f82fff7a6c44da217b229b71fa91f303127a60aff640766", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c7611284f17bc637034ed238", + "humanNextAction": "homologar rota administrativa auditoria para gettys/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "suporte", + "routeId": "gettys.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f278017e3540d27bc98189720db3c0a78916d81950ab769b936ff2d45e82e4dd", + "sourceRecordsHash": "c7611284f17bc637034ed2389ff7a5133fbdc737272a973c0eab6616672cd75c", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-96fc72ee34aea135b9977c69", + "humanNextAction": "homologar rota administrativa consulta para gettys/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "suporte", + "routeId": "gettys.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "cddf634de76febd0852d69115f18f58b37f075798442013ed9fdd53ade726120", + "sourceRecordsHash": "96fc72ee34aea135b9977c6919af97387e5f4704b067b7b14959e3e071eb8848", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8640a02eec804a6a089146f2", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "suporte", + "routeId": "gettys.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "37971583e904f61b2b7c0f2a7a99718d664d47b9f2326c3e84a056718c048cea", + "sourceRecordsHash": "8640a02eec804a6a089146f282831765410e1df957567139e2e6e9069fe0fc13", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-727437b36d4b9a4df558d3b5", + "humanNextAction": "homologar rota administrativa explicacao para gettys/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "suporte", + "routeId": "gettys.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3f275d42ab3f14b4dcce3bf7b2c7db60dc65b67c37fa07a6e1c62a7202f85211", + "sourceRecordsHash": "727437b36d4b9a4df558d3b556adbf3e6753353273073301c6a7a83af4b300f2", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-86645cd7102abc63bc1ccc20", + "humanNextAction": "homologar rota administrativa acao para gettys/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "tecnico", + "routeId": "gettys.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d2524ff242095228e7a5efcfbb7aff414e9e776ea6868daa58cdc6112943de43", + "sourceRecordsHash": "86645cd7102abc63bc1ccc20be087a9c594c2b9bf947ee6916219a1d90d3361a", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-59883651fb5cb75143e610fc", + "humanNextAction": "homologar rota administrativa auditoria para gettys/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "tecnico", + "routeId": "gettys.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c4c4db569e7dca029bee1c6c3b449c1a9e4f2eb4bd2605bf3221049585f3faa3", + "sourceRecordsHash": "59883651fb5cb75143e610fcfd7718a52054f08bccf66e4cdd02ec9f40b1a39e", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-05f0ea8b86519dffe05a5cf0", + "humanNextAction": "homologar rota administrativa consulta para gettys/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "tecnico", + "routeId": "gettys.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "276535ac6c566775433d4c93c16f3054165df244156cbb29740e2b4b10e43761", + "sourceRecordsHash": "05f0ea8b86519dffe05a5cf034b2f55d50c9efec3379a6f07925d5c83f8f0778", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-7ad64f7c4a2682a2577d2025", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "tecnico", + "routeId": "gettys.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "7d505d646242663f0831edbec3b807164bf94b5978d6e9fd01aececd5e38b3a8", + "sourceRecordsHash": "7ad64f7c4a2682a2577d2025d66cf46a432beeec249a16cfd796d3807a731167", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-340843819c215fff8d5b985e", + "humanNextAction": "homologar rota administrativa explicacao para gettys/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "tecnico", + "routeId": "gettys.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "36346551d047b18fb1f7bf32eac97edae960f2fa74a901e65e7344c63f77d21b", + "sourceRecordsHash": "340843819c215fff8d5b985e4ea580036d76805ff98dd2e7832ebaed5d19383b", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-20bf6594a2b93dcec9180142", + "humanNextAction": "homologar rota administrativa acao para gettys/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "gettys", + "profileId": "usuario_final", + "routeId": "gettys.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "745aa69a69925f2dd3007a5656804b0fc213362afa33d527db59b319150cd909", + "sourceRecordsHash": "20bf6594a2b93dcec91801423b4e7647659a558c27873a6401de4fb265a65df5", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fc99fbe73e29bffac08aeacd", + "humanNextAction": "homologar rota administrativa auditoria para gettys/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "gettys", + "profileId": "usuario_final", + "routeId": "gettys.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4367f25abc243a6025a430d3f2d146063bfd6f99416f77bb6bdaf4f0f51e01b9", + "sourceRecordsHash": "fc99fbe73e29bffac08aeacda57eb52c3decc23c91c31e51db158a1dfbb94f41", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-e32bdb644ccf4491c28ee070", + "humanNextAction": "homologar rota administrativa consulta para gettys/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "gettys", + "profileId": "usuario_final", + "routeId": "gettys.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "0b0aa1450cd3dd361939178b350adf0a6c70cdfd481fcfefab7adba541e64633", + "sourceRecordsHash": "e32bdb644ccf4491c28ee070f42ebb776fa7f6c581250004e83405e7acc10d04", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b22b17776cb3cc1b7d39ec2e", + "humanNextAction": "homologar rota administrativa diagnostico para gettys/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "gettys", + "profileId": "usuario_final", + "routeId": "gettys.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "c13bf5263bba1cd128590e8198341793c100b5cc582743fe0798d9fc0c605191", + "sourceRecordsHash": "b22b17776cb3cc1b7d39ec2eebc31fe218213e79af0cd5b8c89705f9b0d47c71", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4c39c4bb51b1b5307d788fd3", + "humanNextAction": "homologar rota administrativa explicacao para gettys/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "gettys", + "profileId": "usuario_final", + "routeId": "gettys.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d004b189f5b39c142fed7c2b4ce2889b25b623c1169d9935e883c855dae7d20", + "sourceRecordsHash": "4c39c4bb51b1b5307d788fd336caaf5b16e7b1ea4489186358dc2af8de6760e0", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-4dc02904b772d72785b85b39", + "humanNextAction": "homologar rota administrativa acao para identity/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "administrador_empresa", + "routeId": "identity.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "cc5b75c26ea7fe1fde0127788f000ad33f1b544cd63ead2476f07436547b4586", + "sourceRecordsHash": "4dc02904b772d72785b85b39a3a7cce10f918e1973cfc2fbe2e6a875adeefbfb", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-da1ef5ca4ea37101298439bf", + "humanNextAction": "homologar rota administrativa auditoria para identity/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "administrador_empresa", + "routeId": "identity.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "be7fba2d30ffdc2344b685491f068650551ba4a8b746ac35ff582b3736bb9931", + "sourceRecordsHash": "da1ef5ca4ea37101298439bfebb257d9b9f6449496d99f820b540af78cd0e6b1", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3e5363ef34f5582d02d902f0", + "humanNextAction": "homologar rota administrativa consulta para identity/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "administrador_empresa", + "routeId": "identity.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "815d22e81c85c522c52b052e2547d8cce03678629bdd29eb93bc08a25084c58f", + "sourceRecordsHash": "3e5363ef34f5582d02d902f091b233ec6b64c908af79e64f27790ca0ee5f3eca", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-01da00d8c640650b428b0a9b", + "humanNextAction": "homologar rota administrativa diagnostico para identity/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "administrador_empresa", + "routeId": "identity.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8c22ad5acd4151f1b13bdb2832612495e451ea15de6fde9ae50dd2d6127fc99e", + "sourceRecordsHash": "01da00d8c640650b428b0a9b3f700edf57fdb6b19336e3fbec8b9b3a18100831", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-befad8975ae7b9df70d0d3cf", + "humanNextAction": "homologar rota administrativa explicacao para identity/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "administrador_empresa", + "routeId": "identity.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7f117a5a4a4ac1e8571cd6e237a880f755a57591cbcb636fec59cac8d8154f4f", + "sourceRecordsHash": "befad8975ae7b9df70d0d3cfa180942baadd620ea91cbd7697f279104ff45211", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0bf435d17a46773aeb0064e4", + "humanNextAction": "homologar rota administrativa acao para identity/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "atendimento_cliente", + "routeId": "identity.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "825b57ec5afd1bc4d8c821cfaf5ffec076d1e3be8ac18ad7c5eb1cf1e3fc8dfd", + "sourceRecordsHash": "0bf435d17a46773aeb0064e470a1d665144b5dcca86f1e26450d171bde69aa2c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-006dcc2fe482730a79d747cf", + "humanNextAction": "homologar rota administrativa auditoria para identity/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "atendimento_cliente", + "routeId": "identity.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d5b5b5652df67f95f84cd01f0234d8cde6787b7a075d6b634c222a9ae28f2816", + "sourceRecordsHash": "006dcc2fe482730a79d747cf13a98f469a400b1ea8ad14e64f401bd16f56e225", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1004a476fb20e977be59f5b3", + "humanNextAction": "homologar rota administrativa consulta para identity/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "atendimento_cliente", + "routeId": "identity.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3f1ed2943d7e07d23909390a50332f93c5104999b34fbd1e41fcb23ef29a6194", + "sourceRecordsHash": "1004a476fb20e977be59f5b342ad1357e46f8f94267f2cb17051ebe0eb0a1da0", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8d356f4a0dce06848480c5de", + "humanNextAction": "homologar rota administrativa diagnostico para identity/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "atendimento_cliente", + "routeId": "identity.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "78791f60a1f25fbcad4ab06cd7a8bf1da9aa07e3bfc10527fcdd376563c7622e", + "sourceRecordsHash": "8d356f4a0dce06848480c5deea36f696092350128c17b8b26dc908d430c1e6e7", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-321ad6381d4bf570d3136018", + "humanNextAction": "homologar rota administrativa explicacao para identity/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "atendimento_cliente", + "routeId": "identity.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f5a3be5150c6d0e26e5df3e5a673ad0f55b338522e53716620495a880ab4544e", + "sourceRecordsHash": "321ad6381d4bf570d31360183af1a06bddb38ed228a4512b14c76b8edfc8130b", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ac33883476d87010a6cf5ebe", + "humanNextAction": "homologar rota administrativa acao para identity/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "ceo", + "routeId": "identity.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3bf4ac3c875a6b66f715203dd1495641c248d7f98ea8046097b22b93b809ecd1", + "sourceRecordsHash": "ac33883476d87010a6cf5ebeffe629ce9ebd0d8aff07827ba58ca794099a04c8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-13b66d3b020af13c5ad62780", + "humanNextAction": "homologar rota administrativa auditoria para identity/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "ceo", + "routeId": "identity.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "eb69ed691c88473a9dc7e426d6cb75d62237eac7d772135a126527d1bf6aaee1", + "sourceRecordsHash": "13b66d3b020af13c5ad62780252d4685dfc44756009d6003862d255b8988b695", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-fe1cb616738318f6c49dce26", + "humanNextAction": "homologar rota administrativa consulta para identity/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "ceo", + "routeId": "identity.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "46b6023a30fd71a9ff7d54b06805a9a7af59a4622500123dac156661a93225d5", + "sourceRecordsHash": "fe1cb616738318f6c49dce26e74b9d2662f76d29fe41c28ca9c85f13baab01e0", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-1811f0739e2b978403f424f3", + "humanNextAction": "homologar rota administrativa diagnostico para identity/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "ceo", + "routeId": "identity.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "9825072b47c85f5a6bdf6530c45ff00d6142595aac937e0783d26b4f6dd324f1", + "sourceRecordsHash": "1811f0739e2b978403f424f3ced9c64af524db37bbbaae590f4c68efdf3101b5", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-3eee024d970981ba1c7da889", + "humanNextAction": "homologar rota administrativa explicacao para identity/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "ceo", + "routeId": "identity.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e9ac1ab75ac540a931b1bc97bddd5eb277663e081d0aa6390348028566aa864b", + "sourceRecordsHash": "3eee024d970981ba1c7da8896f15fda621e04d6d99544c0ad6a9783834d01f71", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-f786693279aab920314e158b", + "humanNextAction": "homologar rota administrativa acao para identity/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "cliente_externo", + "routeId": "identity.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d0625025450874cbda73ddeecf1dd2b89c0dc9b4351278f79381f244bcd9ccfd", + "sourceRecordsHash": "f786693279aab920314e158b7a5ccdbfd7bc404f327c046f8e771cca5f73b9ee", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e33ac64480b6a2417509ef9b", + "humanNextAction": "homologar rota administrativa auditoria para identity/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "cliente_externo", + "routeId": "identity.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f29a7a16607d2498049ab40a51086215cfde9d98b5d962238928924cd4ea6e76", + "sourceRecordsHash": "e33ac64480b6a2417509ef9b483292b246858ee18b95d90a1f08217724b3533a", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7f56faf92b895123640ffc02", + "humanNextAction": "homologar rota administrativa consulta para identity/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "cliente_externo", + "routeId": "identity.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "144ea493098e01984e07765aca75f21d25e138d3bc037d52a6e966da9702aa21", + "sourceRecordsHash": "7f56faf92b895123640ffc02c0a9bffb0ba7f15971a043dde03f49fb42757dd1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0b10356d8ae58d79a38c2833", + "humanNextAction": "homologar rota administrativa diagnostico para identity/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "cliente_externo", + "routeId": "identity.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "079d4d7b6f43ce280fed3a8b04ae38d62366a1768557e0a5f8238fd47def60a2", + "sourceRecordsHash": "0b10356d8ae58d79a38c28336f30a17216dba4df9d8aa77e8f8a55c7b20837b8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4530c1a8e33b231547fdb89e", + "humanNextAction": "homologar rota administrativa explicacao para identity/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "cliente_externo", + "routeId": "identity.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "03b3e619122bfcdb9e9c98c72eac1508b9910d911d4ca3333e085d18f2bc35e0", + "sourceRecordsHash": "4530c1a8e33b231547fdb89e77352508835cbc2ca5355111b028ef40228cc407", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-69085c673f4b4097d228d7d9", + "humanNextAction": "homologar rota administrativa acao para identity/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "contador", + "routeId": "identity.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8cb3e701cd7f0e3addce13a90ec2e502013c93b2c7ba90f87346cd89ca70d90d", + "sourceRecordsHash": "69085c673f4b4097d228d7d91a4865a110b5ae8a3ddb199928c6331cbf4d3dd9", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c7205ded04028af09d882bba", + "humanNextAction": "homologar rota administrativa auditoria para identity/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "contador", + "routeId": "identity.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "6ba2a3509cddfbe15ce7ef6af4ad6e68686a025e125fd9585bd1bfdfe0b14943", + "sourceRecordsHash": "c7205ded04028af09d882bbadd720fafa14eac34d7f88a2565f28715c07a7245", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f575a8b45c0e7eb9327362e4", + "humanNextAction": "homologar rota administrativa consulta para identity/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "contador", + "routeId": "identity.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a26e300aad4c9a9ade661b908b3a7eacaf27c7c53eeba752fdbacdd445cdb4fc", + "sourceRecordsHash": "f575a8b45c0e7eb9327362e4e6e573594f1d743350790036c9439a525f65b2c1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-278037569d638926352ced91", + "humanNextAction": "homologar rota administrativa diagnostico para identity/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "contador", + "routeId": "identity.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ba9fdb8f2eca4f3df948da6d1b26b57e91b5f4eb89837c68f9e8e0327e53ca0c", + "sourceRecordsHash": "278037569d638926352ced9112b74b3741ceb21a98f9798e7e0f2a00e72f8866", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b4461c22e62ceb76791fc55e", + "humanNextAction": "homologar rota administrativa explicacao para identity/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "contador", + "routeId": "identity.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4027c65f254a5ab1c1fafcdc84c854fc4109d20f4af790f47110dcf5645690db", + "sourceRecordsHash": "b4461c22e62ceb76791fc55ea03613435c4e62641fbed66b1dd02973c51caf85", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-4f88aad7a1314b20adedf0f9", + "humanNextAction": "homologar rota administrativa acao para identity/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "financeiro", + "routeId": "identity.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9318d6eb45b879e86d177a3ab0576378cc302995a5214b6af3f781ada84408d9", + "sourceRecordsHash": "4f88aad7a1314b20adedf0f96c44665f3ea552aa5b083a03b5c065f96b4bb357", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d22a7e4f0b703db7da643f66", + "humanNextAction": "homologar rota administrativa auditoria para identity/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "financeiro", + "routeId": "identity.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d92cb804a6b3bb2ef9bbff01c19e969bc9cbe7d782b109f5974289e70cf94fc3", + "sourceRecordsHash": "d22a7e4f0b703db7da643f664257ebe1792018c8f3f679bb444c9b4cb0bb9bc2", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4560a5ac050bd57a423e27ee", + "humanNextAction": "homologar rota administrativa consulta para identity/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "financeiro", + "routeId": "identity.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "568d6110e8cd7d433d8248e98261b9b9e8a2f3a54ee7557a31b81f6f89b4e13b", + "sourceRecordsHash": "4560a5ac050bd57a423e27ee84017bde94e59cd4ad79f553b35c994973ac9f7d", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-61bbd728827f02caa67d6c53", + "humanNextAction": "homologar rota administrativa diagnostico para identity/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "financeiro", + "routeId": "identity.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "a4939e22e9710b12f86b25b4539bd0758e011f42c37384a39b8decdd8f82657e", + "sourceRecordsHash": "61bbd728827f02caa67d6c5358397582377978e765ddcdf270a4a18aeaa82613", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a2bdc0e55bc0477399849334", + "humanNextAction": "homologar rota administrativa explicacao para identity/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "financeiro", + "routeId": "identity.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "13667b05c2e711aaa7093c38250fe401b252e90c18420883357bb627d9be5c6a", + "sourceRecordsHash": "a2bdc0e55bc0477399849334cfd388ef163f025cd63d038e22cd2a83501b3883", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-40556d0a41d3fdbca8fcbad2", + "humanNextAction": "homologar rota administrativa acao para identity/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "gestor_operacional", + "routeId": "identity.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "560218129d96e6efc3da18f7d7e56794d5554cd5a1067ff6ce360c7c68c0caee", + "sourceRecordsHash": "40556d0a41d3fdbca8fcbad2ebffc40bbc45f41df057315e128b912af34fa3e5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1e0d415c0bc1d7e0a3644902", + "humanNextAction": "homologar rota administrativa auditoria para identity/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "gestor_operacional", + "routeId": "identity.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "072fd16ca47b7e8e5f708945fefd0aeb608ac6961bd6146d1bf32bd684efc9f3", + "sourceRecordsHash": "1e0d415c0bc1d7e0a364490207ae809f0dc0f1a5e386b4da7d0beac25a44c746", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-eedef3c753e8b724fca478b0", + "humanNextAction": "homologar rota administrativa consulta para identity/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "gestor_operacional", + "routeId": "identity.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3211dbfe06f8190530f09f7b64d1b0dec88790f0a079aadc54275785f9aff6e3", + "sourceRecordsHash": "eedef3c753e8b724fca478b0e0be04438c282153e12199ae6d0b18bd080d20f9", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0b2e4b9005b91904bb8df555", + "humanNextAction": "homologar rota administrativa diagnostico para identity/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "gestor_operacional", + "routeId": "identity.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "52016df1cee96226dcf41187299e605b01d15dffcfbfcc144deb59740838e008", + "sourceRecordsHash": "0b2e4b9005b91904bb8df555d487e4747cd7939e4dc600bfab9981f0aaa0ff01", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-2524e76e9ebb0d8ada4029c3", + "humanNextAction": "homologar rota administrativa explicacao para identity/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "gestor_operacional", + "routeId": "identity.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7fa7acd6cafc20eef0465bc713507c333e2f4d0baf90682d42e73e94d81605a7", + "sourceRecordsHash": "2524e76e9ebb0d8ada4029c31b76655b5fb2ddd6e65c0cd5396253861537f6b5", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7dc304656c3a6625bd9a1db6", + "humanNextAction": "homologar rota administrativa acao para identity/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "juridico", + "routeId": "identity.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8dd8605da3d3e4aa931d7cd6d6280c51497b0f536c5ff5f7d542ece4d457ab3f", + "sourceRecordsHash": "7dc304656c3a6625bd9a1db67d6b03f079b038f458479467c1e5743bd617d5e9", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-dd607566444c58d62079882b", + "humanNextAction": "homologar rota administrativa auditoria para identity/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "juridico", + "routeId": "identity.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "893417f384c71e58e956ffc81269a7e2cb89e85175b2e15912fc4e13361991d4", + "sourceRecordsHash": "dd607566444c58d62079882bedde81be65fdb2b75c5d181b63ba70eef7a19d8d", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8e2f32b43bbdb0e609644e1e", + "humanNextAction": "homologar rota administrativa consulta para identity/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "juridico", + "routeId": "identity.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "03bf6f1148cc0e71954df4c03b075ee604c2b1267a943f781acd86d61db7bbd6", + "sourceRecordsHash": "8e2f32b43bbdb0e609644e1ea2b7d024bb56cf8a40959308f6901a2c64afd8c1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e4a5641bf3345306d74aa4c4", + "humanNextAction": "homologar rota administrativa diagnostico para identity/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "juridico", + "routeId": "identity.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f44fbee25c0afb77b0d765c6d92fee68eaf5c2d0fabe5e96f112a21f03629fc3", + "sourceRecordsHash": "e4a5641bf3345306d74aa4c4e5b00660e24be4e4753cd25b668247721f309654", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-144e72deea9ee28826f57f60", + "humanNextAction": "homologar rota administrativa explicacao para identity/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "juridico", + "routeId": "identity.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8e015ba7588e9ac8e395b2e6c99e4272933875d7c45dd4781345af71c011433e", + "sourceRecordsHash": "144e72deea9ee28826f57f606582d8f4efdb858d901a389b17cf74f0b31c5db3", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-f18b017d7fbd2ae64c2eee19", + "humanNextAction": "homologar rota administrativa acao para identity/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "planejamento_estrategico", + "routeId": "identity.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c38c97f3cefeadf3a9081967e275ab8dc7cc3e6186bff476171ba18eaa207509", + "sourceRecordsHash": "f18b017d7fbd2ae64c2eee1963ca5727e82d1a2a7164aa721b7245e4dd5fd7dc", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-dcc6021bef0055221556da2d", + "humanNextAction": "homologar rota administrativa auditoria para identity/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "planejamento_estrategico", + "routeId": "identity.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4dbc89b9721238d7a28dd71bc377709f9632f5b90f7044b675298a3b78aa9fe8", + "sourceRecordsHash": "dcc6021bef0055221556da2d6080344415d96cebbcc973d3c336d28c87ee2f02", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-585a1feee847a4498d471fb9", + "humanNextAction": "homologar rota administrativa consulta para identity/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "planejamento_estrategico", + "routeId": "identity.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "d5a65ecbb273f914d97411fde09ae0030acaea4ef6be4e7e09b30f490a921d80", + "sourceRecordsHash": "585a1feee847a4498d471fb975946cad471fe4c89eaca1ab014f41d24ced696a", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b3d0145d29e7557c6c02b422", + "humanNextAction": "homologar rota administrativa diagnostico para identity/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "planejamento_estrategico", + "routeId": "identity.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d60ba2469db570ffd2f2c2b8ff847113f958d45a2edc4af977a296aad2a51d64", + "sourceRecordsHash": "b3d0145d29e7557c6c02b4224fe2e1689b78b05c0ddde5bdab8ae4b249e8de4d", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b5fb2d19859b44b18a802ba8", + "humanNextAction": "homologar rota administrativa explicacao para identity/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "planejamento_estrategico", + "routeId": "identity.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3e19ef89c9d01f8ef8c66ae906976c6973f1abf91cbe9fe433ab200ebeda9ad4", + "sourceRecordsHash": "b5fb2d19859b44b18a802ba8e711e3db0d7b9f36e6465b6d0668b8eb01211dc8", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c32a37aebf3a2112dd170ed3", + "humanNextAction": "homologar rota administrativa acao para identity/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "secretaria", + "routeId": "identity.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f1bb3076f160fd25f5f329299867b3ae5cf2b502ca13f2ffacc0e112fef9abc2", + "sourceRecordsHash": "c32a37aebf3a2112dd170ed3a8532ba774a8cc06fac30290d9c391fa2e2f19e9", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fa9a05f5dfe7936ff0e147e2", + "humanNextAction": "homologar rota administrativa auditoria para identity/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "secretaria", + "routeId": "identity.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "8ab6f4e885d5eb0466c2c2d159eaf9a8e08d2df3a344af16489a6b31670fb426", + "sourceRecordsHash": "fa9a05f5dfe7936ff0e147e2607932612d2b2e9a336019f089d7d589957e4d10", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-13383f8f820f52c96cda525a", + "humanNextAction": "homologar rota administrativa consulta para identity/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "secretaria", + "routeId": "identity.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "31a283ca1ca174ebc6c437fedb7fb0ee09b2b0431e56021b0718b30c977d1e55", + "sourceRecordsHash": "13383f8f820f52c96cda525a16cbd4ce232e53b1dfff7ffa4f8651b641e788d6", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-70d96fa84f56c71822f9acdf", + "humanNextAction": "homologar rota administrativa diagnostico para identity/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "secretaria", + "routeId": "identity.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6da3bbb5bb32eb547aaecb8fc373002b872ae10373a83297912c62083afa3c38", + "sourceRecordsHash": "70d96fa84f56c71822f9acdf5db804a0c3b432de86ac8abf682a90923de2bf1d", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-77088beb55f58f40cca994cf", + "humanNextAction": "homologar rota administrativa explicacao para identity/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "secretaria", + "routeId": "identity.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "89d1ac5427f2d9cccdf332dbd021760c7ac1ea271edba6a1593d6d9a7c056fad", + "sourceRecordsHash": "77088beb55f58f40cca994cf976f042b60af466783149d81189403d180430de0", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d2fcc1811f030c1345b4f619", + "humanNextAction": "homologar rota administrativa acao para identity/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "suporte", + "routeId": "identity.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6c30c8bdb99a95ebd3f06c25106e05c74ae4a6973ef79db5247ae16f489de541", + "sourceRecordsHash": "d2fcc1811f030c1345b4f619b819f5b10e90686cb4b7f9a903af5614f323d5c0", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d2f73bb5280d8dbee8e58268", + "humanNextAction": "homologar rota administrativa auditoria para identity/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "suporte", + "routeId": "identity.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "e4baefa88a4a3f936c763f3f8db3db3cae5f34b0c134d38715dd77e81eac460b", + "sourceRecordsHash": "d2f73bb5280d8dbee8e58268a44f3541b2a4f882c269d760a82f0423bdebb9cb", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f9e103968510e03fbe5bf8a3", + "humanNextAction": "homologar rota administrativa consulta para identity/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "suporte", + "routeId": "identity.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "7515b9954fea5a461055c99205efb1ff0e6f7af1b5748bbe3a3dae7cfb35b435", + "sourceRecordsHash": "f9e103968510e03fbe5bf8a3cc2f8db98951b392a202a586c2448c5ed8235c61", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-1265e85b94d7619c5436764f", + "humanNextAction": "homologar rota administrativa diagnostico para identity/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "suporte", + "routeId": "identity.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "9164eeebd65af1fb5ebfb1acaad204ea7d6aa90b5d0e5cde0879877ec502edc5", + "sourceRecordsHash": "1265e85b94d7619c5436764fe95ae068dfc7ea3aa1a666661acac13b9ac101e4", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-e69ba1fa120172f4213f589f", + "humanNextAction": "homologar rota administrativa explicacao para identity/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "suporte", + "routeId": "identity.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "230ba24f3f79784badb296087f3b47cd711976cdf4249e49512181912d05a004", + "sourceRecordsHash": "e69ba1fa120172f4213f589fe602f3a6165c4e2344fe3022207eda1bf3ff3586", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0f3801c56cb4b08f947092c4", + "humanNextAction": "homologar rota administrativa acao para identity/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "tecnico", + "routeId": "identity.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "689df4601c2f5f850a27571f27a5f3a12496472b30b4816806b83cb2c1d0db54", + "sourceRecordsHash": "0f3801c56cb4b08f947092c4fdff1227bcb3b9439cab320394946eaf864a44b8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-31c413b0232e71b4710e6327", + "humanNextAction": "homologar rota administrativa auditoria para identity/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "tecnico", + "routeId": "identity.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "89e30186ca2b65c8c534aafc7fc904ecf71b3d187c4bca5658efc9cce2ab79dd", + "sourceRecordsHash": "31c413b0232e71b4710e632788f3845675ebd2547d7a86f37c51723b167dc9d3", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-0c7cde9a47075cd3abfd2fe1", + "humanNextAction": "homologar rota administrativa consulta para identity/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "tecnico", + "routeId": "identity.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "489565f2b4b727603ccd54661436232c0af53fc753db4640f7224009eff2abf0", + "sourceRecordsHash": "0c7cde9a47075cd3abfd2fe1da70e39171d3afccd96c260b75f87e0074ca08c2", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ce0375ee4b7b18900bd669b6", + "humanNextAction": "homologar rota administrativa diagnostico para identity/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "tecnico", + "routeId": "identity.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "5a189035276dc15d6546bc3f8a1de94ae0ef3461cf89b47da5fc90c264841970", + "sourceRecordsHash": "ce0375ee4b7b18900bd669b64302f46bccc18a15c4e0b97876a7c958a199ae12", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-c6c0b7722280588a9ace78a0", + "humanNextAction": "homologar rota administrativa explicacao para identity/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "tecnico", + "routeId": "identity.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "99ef9db9e79a1201b931046ff734e9022bb53708d6072ce1c6ac95f9210bf8ab", + "sourceRecordsHash": "c6c0b7722280588a9ace78a00c6cfb5e54bd24f84ec98779982c7d8760aacd4c", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-62f0e127eb35ae8c1fb03f70", + "humanNextAction": "homologar rota administrativa acao para identity/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "identity", + "profileId": "usuario_final", + "routeId": "identity.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c369d388c66adca83440ab6b935fd5e57fb5d0df7f24743730a72ed2f4cc18d6", + "sourceRecordsHash": "62f0e127eb35ae8c1fb03f707b1c30709e02382d63a5528297d66a9363b2ab02", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1491483488df118ee45f5dd7", + "humanNextAction": "homologar rota administrativa auditoria para identity/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "identity", + "profileId": "usuario_final", + "routeId": "identity.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c6a3ff55803c03dbe2ace507ed58126c718f833a06dd94b40ca101c6a07f6949", + "sourceRecordsHash": "1491483488df118ee45f5dd7e929325f96754a076fe295eedbe84ae1f87bbf2f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2b914cf3641b17869bfa4ab9", + "humanNextAction": "homologar rota administrativa consulta para identity/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "identity", + "profileId": "usuario_final", + "routeId": "identity.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3f53935b20ac51a1480fd99f4f8ffd1240f3c6af49d26c4c80fc83352447a733", + "sourceRecordsHash": "2b914cf3641b17869bfa4ab95fa5c22aee3319c8b030f9d639d7ecd13772cca6", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d8711be668a97f11c5a7380c", + "humanNextAction": "homologar rota administrativa diagnostico para identity/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "identity", + "profileId": "usuario_final", + "routeId": "identity.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "4a06b28f99914a17eb15474289caa51c8cab9c617ba5929eb0023fe6f234b960", + "sourceRecordsHash": "d8711be668a97f11c5a7380c7d8f134d22fec936d3f9e4ee1852fafdb9d30f67", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-5f0921c673c81cc1ac321ef7", + "humanNextAction": "homologar rota administrativa explicacao para identity/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "identity", + "profileId": "usuario_final", + "routeId": "identity.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d7a0d86055063c3b24f0dc00b759b2152ac01773a87b8330ed3ea0ad7dff28fb", + "sourceRecordsHash": "5f0921c673c81cc1ac321ef70bb0f608d900242861a25e5d15b1d3c17d93deb6", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-71748ec665af126c10b797c8", + "humanNextAction": "homologar rota administrativa acao para integracoes/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "administrador_empresa", + "routeId": "integracoes.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "238ef044de01c45e78fa69e73c97bb4731f8592a50019a1c5b1f716c78da497a", + "sourceRecordsHash": "71748ec665af126c10b797c82b0fc8a4ffc18b95e61d875632a61b2da5654c66", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3de077a4e3cad9654d7400b8", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "administrador_empresa", + "routeId": "integracoes.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "6895347f5bdc299208c1f0a9b4fd5aeeae18666d8cf58e192a1d672096facdc2", + "sourceRecordsHash": "3de077a4e3cad9654d7400b81442534e5aa8c2d8515f916b766dd8231f9a4cfe", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8f53890e9662038851171eee", + "humanNextAction": "homologar rota administrativa consulta para integracoes/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "administrador_empresa", + "routeId": "integracoes.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "792dc7806959395d7878d20e51407954e62624658e9b710db277886bc76371fe", + "sourceRecordsHash": "8f53890e9662038851171eeebb3ab31785ef5019a78d173b354dcc4addc1f715", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-7c3d71082956a95fff719b88", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "administrador_empresa", + "routeId": "integracoes.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ce1c632e559b3bc5e4aeb2d09eca78e8130244c296d91cc8357ec3cedbbe66ac", + "sourceRecordsHash": "7c3d71082956a95fff719b883f75938e58edbcd77c4007fcaa4164a0d9663dbd", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-54c5e6268ed987fb0af8734c", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "administrador_empresa", + "routeId": "integracoes.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "76cff27f5467a4b4ba0fbf2de1eaf57cd7f5e57216b610844607a3ec78b4a29f", + "sourceRecordsHash": "54c5e6268ed987fb0af8734c9841f3986307622e13eed0d771467a51e1f52289", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-96381c4e36a716a67b6c708d", + "humanNextAction": "homologar rota administrativa acao para integracoes/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "atendimento_cliente", + "routeId": "integracoes.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6ef1d4da5c77aea3fbff95ef686cc6838e8091003d79e255dd1aa255e66f54bf", + "sourceRecordsHash": "96381c4e36a716a67b6c708db21af8bc9c112aba831b23f55f906b3588b6d052", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e0e493914892c32cc74a6dab", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "atendimento_cliente", + "routeId": "integracoes.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1ee0313217f96ab3c8608d5126892b0914e9ed7c2b270b0b0c29a37e97f02211", + "sourceRecordsHash": "e0e493914892c32cc74a6dab0aea8e5c34fd174758a5ff0d1864471afb3d94c3", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-de0b904c230ebff3c1ab07d1", + "humanNextAction": "homologar rota administrativa consulta para integracoes/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "atendimento_cliente", + "routeId": "integracoes.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "b8fb284304bd0a39d2baf43bf0d8b8dd1b9b54f633ecdf805d5f48133dd5610a", + "sourceRecordsHash": "de0b904c230ebff3c1ab07d18c6cd88c92679a8bf99477f3a76468595eb11981", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ae2680aee85f10cea512891b", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "atendimento_cliente", + "routeId": "integracoes.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e15c5b29ae583edd8c499c7fd56645dd90588b18b6cadfff97cb2b35c204821c", + "sourceRecordsHash": "ae2680aee85f10cea512891b6e43d01296f71d8d80cf47401a3c8b1764179ec3", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8c4c77de81370500e1ede980", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "atendimento_cliente", + "routeId": "integracoes.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ea23021e3f758adf0581143a6f48ed50e4a2fcd49aa807b768a8eeb33117324e", + "sourceRecordsHash": "8c4c77de81370500e1ede9801142de9cab8bb6386b434b9e53e80776b272e000", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-48c50724541aa215fd8d763c", + "humanNextAction": "homologar rota administrativa acao para integracoes/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "ceo", + "routeId": "integracoes.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8221c5b1c30c604ed3b2068ea34174f77c5c0f7c4c3204c082869de5ec7bc8e3", + "sourceRecordsHash": "48c50724541aa215fd8d763cf8087a2fab77476eadaac60958650199f83ea200", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-80de1ffd669c9da1d6de38b8", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "ceo", + "routeId": "integracoes.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1a29e5a01a0d808c2769ff2fe13768253076c8913924f3dc46c5d3cc2e7c4004", + "sourceRecordsHash": "80de1ffd669c9da1d6de38b82c335389b174ba690a5fb8a58c48320410bf2c19", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ae35c606394bc6bc91029f13", + "humanNextAction": "homologar rota administrativa consulta para integracoes/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "ceo", + "routeId": "integracoes.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "6e744df3be0b0d8c1f1528d0b2e44a2ab57e17f456d2b74c3f3cddf327ed6901", + "sourceRecordsHash": "ae35c606394bc6bc91029f1372d9a02c095ff51f80b0fab4fabe23e10e240ca1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-604df2ef6b14d00ef7c8b3cf", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "ceo", + "routeId": "integracoes.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "712dec8ded9ab420904359951da63fe612485bf3506361596e6e4a52b8d05690", + "sourceRecordsHash": "604df2ef6b14d00ef7c8b3cf403258c04c453f1557a4ec0accce850c3f520e60", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-366dff8a1661d9bdc3edeb98", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "ceo", + "routeId": "integracoes.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "752ba58c728fe4d51411cf08c8359bca1d71836b94baab96f31624db4bddc68e", + "sourceRecordsHash": "366dff8a1661d9bdc3edeb98ce532e47f9b273dc3faf39321d12edee18a9c30a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-5df244d34e4246ce34b5e4d4", + "humanNextAction": "homologar rota administrativa acao para integracoes/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "cliente_externo", + "routeId": "integracoes.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0fd3c565d6b3a2c842e3b94625f2f81fa7d572c43d5823861305c516300f5ed5", + "sourceRecordsHash": "5df244d34e4246ce34b5e4d47e7c0670edb2eefc9dcb42912ff2d3e95ca2f748", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-72995a713a20b24f6c67f28f", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "cliente_externo", + "routeId": "integracoes.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "a1f961d6e65d9fd084a2949864258ea771091fb8e7381d37a436c55fb37114dd", + "sourceRecordsHash": "72995a713a20b24f6c67f28f2e82d84fdb9221836968a7fbe5d1835dcf09b430", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-832fc963fbaa5ec8fe75f6d8", + "humanNextAction": "homologar rota administrativa consulta para integracoes/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "cliente_externo", + "routeId": "integracoes.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "9598a171fe3d7b50d000f9802b4f28c4739dd2e1300e4d13f6b7e3954f561271", + "sourceRecordsHash": "832fc963fbaa5ec8fe75f6d8f2af1f330f95c8ae33bc38be57a18ac2a2da0fc3", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-364e7321b8725a0dc884823c", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "cliente_externo", + "routeId": "integracoes.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "96120816d0e677d2de3061f88555aa5ea0292434b67a548ea2f28a89f4fa990d", + "sourceRecordsHash": "364e7321b8725a0dc884823c877382a01da866129aba97c12667243c7c063114", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-592878b1e05324548d78e0d4", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "cliente_externo", + "routeId": "integracoes.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6d27a998382e68258b560a6c7c54e94d7bd0e6f67892c4d35aed6ceb3f5598d7", + "sourceRecordsHash": "592878b1e05324548d78e0d42f71050570b28233219051c61b813f55de964eae", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dc43504e86c65413e58fda36", + "humanNextAction": "homologar rota administrativa acao para integracoes/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "contador", + "routeId": "integracoes.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8d3a16c75996349293a03cdc8ccfa8c52497762776b0e70289ed8ffbda86518d", + "sourceRecordsHash": "dc43504e86c65413e58fda36320a27b794b00fd78627f96fb8c6d4453c3f0ddb", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d06b0cef56f8457b77ee607d", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "contador", + "routeId": "integracoes.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "361b3e3c339284d2836acc447ed26a048607476afbdabd571eb210f8b9ac65a8", + "sourceRecordsHash": "d06b0cef56f8457b77ee607dcc4af8c3b1a51b44e1cd33d92881e477234ddc39", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-df99a462f4a34fae52b85dbb", + "humanNextAction": "homologar rota administrativa consulta para integracoes/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "contador", + "routeId": "integracoes.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "d275595e38437c6face4cc4f42b7f97a20231b7e34555e9433a2727733f701ad", + "sourceRecordsHash": "df99a462f4a34fae52b85dbba4838468d95a66f3076640519568871370c9a1ee", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-23a969f1068b35a27b37a60b", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "contador", + "routeId": "integracoes.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "7ab8582100d1cc0805f1a0f6c730d5bda71a2bd510932e9e815249f9364dbe61", + "sourceRecordsHash": "23a969f1068b35a27b37a60b0e036c63e340da4656f9c15f0cb0451a7ce93642", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-98c8ced87e583cdda0f22e6e", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "contador", + "routeId": "integracoes.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "567cf3ce42f8919b78fc19075e26404dedb0225436065f21ffaea17a2fe144af", + "sourceRecordsHash": "98c8ced87e583cdda0f22e6ede378cbc2787338984cb2d3fb7c00426f78c7d00", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8da7afb8a01d4cf05680ad63", + "humanNextAction": "homologar rota administrativa acao para integracoes/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "financeiro", + "routeId": "integracoes.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "bdbdb418289b9fafff195a9415d09b03d296ba67e3d336e1441b1686e167141f", + "sourceRecordsHash": "8da7afb8a01d4cf05680ad63aea47ef99faa52dff9a15d09e321f8aa88611d23", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6db1a36922cb406c950cee41", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "financeiro", + "routeId": "integracoes.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "677a055b725a2cf09999a281ce79e1aa696eb21999b337b81d2e6d2b5794602e", + "sourceRecordsHash": "6db1a36922cb406c950cee41dfebc7bcbafcfb82913ff74f2df4a2a4f89bc371", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3ff92967f7bc51e96311abec", + "humanNextAction": "homologar rota administrativa consulta para integracoes/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "financeiro", + "routeId": "integracoes.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "51c7c3b67463962a40f07f4c6ac3ab7323d7cf89585be0d7447be925c903098c", + "sourceRecordsHash": "3ff92967f7bc51e96311abeca00e483b96d811904739ab89f4cf4572444b8be8", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-55b9b3fb3bab2823745baa65", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "financeiro", + "routeId": "integracoes.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b947251b143ef603c2eae4a817ac661a3fd1b0a191177faf43554ddd9bdec401", + "sourceRecordsHash": "55b9b3fb3bab2823745baa65a9270c10e3bcdb08fd1ae891448dd0bce78f652f", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8b62c883ef19765e055c1d83", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "financeiro", + "routeId": "integracoes.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "180463bb08a2a9d31b529698070ab14662089b79627effc006b7c0bb55ef42ad", + "sourceRecordsHash": "8b62c883ef19765e055c1d837bad3b29c288162762770def69de0f4cc6434dc0", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-515b6a3bc44541087a29e224", + "humanNextAction": "homologar rota administrativa acao para integracoes/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "gestor_operacional", + "routeId": "integracoes.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1531c82b0c7bd5384968660389f7f87788a21e5cf6713ecc78589444eb16f14e", + "sourceRecordsHash": "515b6a3bc44541087a29e224f51b0929a2ae0f7856659b50334cb1df6aeec1d7", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c2fe0a91f3e35727d4f91c6d", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "gestor_operacional", + "routeId": "integracoes.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b02cd801cfc03bf210764fef03eba358d630fd96ad12c945ab375a91a486f9ed", + "sourceRecordsHash": "c2fe0a91f3e35727d4f91c6defde3bc2cc27651c74293e1c89b5a8d8f8516aa6", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5419f13ec96212880bc21cde", + "humanNextAction": "homologar rota administrativa consulta para integracoes/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "gestor_operacional", + "routeId": "integracoes.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "bd962027185db0301f39c7d37a02fc887d1d73d13543056cc4744f06db0e6054", + "sourceRecordsHash": "5419f13ec96212880bc21cdec80d81f09d3ddc5c1cfe2a484714582eb160a53e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-6fedbc1b8d02cfdfb70503a3", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "gestor_operacional", + "routeId": "integracoes.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "42ad8f37d20cdbb00aeed070ced28a0a53ba364afb905d9407acadae235ded34", + "sourceRecordsHash": "6fedbc1b8d02cfdfb70503a35799d5d53f7741819ee90b6048502f1ebfd11b0c", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-47d4e5117965d3f86217b32e", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "gestor_operacional", + "routeId": "integracoes.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ee85c42c9a9a49de8caa1775e20e0dcfc4050b35efb2223bddf99b0161f24fc2", + "sourceRecordsHash": "47d4e5117965d3f86217b32e017aca0591ceb7b46d3b6d38e729b7b6f91dc6b9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9e20a3b04b9903315c6a0593", + "humanNextAction": "homologar rota administrativa acao para integracoes/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "juridico", + "routeId": "integracoes.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "02e215dc882a30c24b15ccaa57f0386b9c4f9a1d245d6b1c537a364e34346d3e", + "sourceRecordsHash": "9e20a3b04b9903315c6a0593c0a94f5e4ea4cc1d4a8906e1555bd99ad186726f", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d4ddea48892e181e5fd414fd", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "juridico", + "routeId": "integracoes.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "2496f8ee8c9a387a578914022a388c97b5300b9589cb22e99458f5f35c925504", + "sourceRecordsHash": "d4ddea48892e181e5fd414fde27d5a5ae6ade49afa4336cf980d8c8d87a86d74", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1262901d3e2c96090944f917", + "humanNextAction": "homologar rota administrativa consulta para integracoes/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "juridico", + "routeId": "integracoes.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "aea1a1d929b175cb53125477a9139665b1b150ede73a888000d9f84bf3be7928", + "sourceRecordsHash": "1262901d3e2c96090944f9171278f844ca4e3abd6bb3952b7705917a72396e4b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ced9a5325468ea24ca05ae0f", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "juridico", + "routeId": "integracoes.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "be5e2e6af03e5ecdc39e122fe1e1bb5837de240320c5493a015a026453e471fa", + "sourceRecordsHash": "ced9a5325468ea24ca05ae0f602613e60143cb36f1014ae7ad5cd5a5cf017387", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f76f7bcfd159d1b877f1ab02", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "juridico", + "routeId": "integracoes.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8512179c6e63b243e435ca8345ecbf51bcf8d8606ea8a0c7e62c83e2871a5a55", + "sourceRecordsHash": "f76f7bcfd159d1b877f1ab0202c30816eff8eec9a669f6fb8384837cdd7b40d8", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-93e19c1c30d47cb0f9f05dbd", + "humanNextAction": "homologar rota administrativa acao para integracoes/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "planejamento_estrategico", + "routeId": "integracoes.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "cb89200db4c96bf7154f75947969e0cb974c0bf564a846765a6406fdd589a277", + "sourceRecordsHash": "93e19c1c30d47cb0f9f05dbd372c1c8c7754784027f08dd7c4bd46edd7bd025f", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1088c421f660d90fdafd2e48", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "planejamento_estrategico", + "routeId": "integracoes.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d170a3cf535ee7bfa515b8ec44587b0369344cadb0b7b9d929b0bd5e5b68434e", + "sourceRecordsHash": "1088c421f660d90fdafd2e4814ff9a0911464fed8c19b25a03703e0e4644dd4e", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-113a7b2b421ed6b79703cad9", + "humanNextAction": "homologar rota administrativa consulta para integracoes/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "planejamento_estrategico", + "routeId": "integracoes.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "7dd72bbdfe57a11c013c3364d9b9344b4dfb2aec88cbbdfe33d10c311e9189cd", + "sourceRecordsHash": "113a7b2b421ed6b79703cad97357cf04b0cba62da85269947f0dccf6ba814f9e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-67d919fb53410ff9f3d31446", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "planejamento_estrategico", + "routeId": "integracoes.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0e3da7b7a21992430bba2e6e80e141ff505f1faba63c2c23c43e950166d866c4", + "sourceRecordsHash": "67d919fb53410ff9f3d3144604fccf921bf037278b3ca516c9965853f5cef0de", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b1a01194355fb1bf19411c95", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "planejamento_estrategico", + "routeId": "integracoes.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "66de7c583586941707f56692369d887d21f7a6e7102a48869f01ebb2a3d80554", + "sourceRecordsHash": "b1a01194355fb1bf19411c95ff39ac924d726d88fe3e45beebfc29e3e9566a05", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0cdc019b192bc4c1c6a280b5", + "humanNextAction": "homologar rota administrativa acao para integracoes/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "secretaria", + "routeId": "integracoes.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1497b1b9fc9912d5d546103e2b5ec06abda06ab02fde7c6900dbb0777b64d05f", + "sourceRecordsHash": "0cdc019b192bc4c1c6a280b560893309a10b5758807c603c63d1029e2871e69e", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-dc8998d31be105b8d3cb842e", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "secretaria", + "routeId": "integracoes.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4a8d7b46c0a755f84fb64f2cc9ffa6aa167a324b506e9d64bfe90faafb75956d", + "sourceRecordsHash": "dc8998d31be105b8d3cb842e587d60c947140ebca3e9653d42444a404df33e47", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-647eac2e94c135282564ae61", + "humanNextAction": "homologar rota administrativa consulta para integracoes/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "secretaria", + "routeId": "integracoes.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "7b504806c174b135ed735c5957f6d57d8819917d557526c5296839e4898f0772", + "sourceRecordsHash": "647eac2e94c135282564ae61ec5f00e29f94c4acccb7252e2ebffb2f104c075f", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-1bb7db57db2420c66f7ad981", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "secretaria", + "routeId": "integracoes.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e6c1995bdf80a1b76600fe1324f3a6d36343a30b504e9c19159b6106a58786e6", + "sourceRecordsHash": "1bb7db57db2420c66f7ad98142319b823f455eca333c7ba359be6d78e83a5a31", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-0337cac15092eb32e6a62da5", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "secretaria", + "routeId": "integracoes.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e7034f3cfc44005414d4d79c1f7c64f1032f754c047aec978d8399c612e8a1c0", + "sourceRecordsHash": "0337cac15092eb32e6a62da56ee71f3ddc0a24c8670132f5ddec1c41de5a63c3", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-06456564d704e1f8fd7b925c", + "humanNextAction": "homologar rota administrativa acao para integracoes/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "suporte", + "routeId": "integracoes.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "820a2417f79d20987963108602464707db837ff7914e2b184c8dece3a403061d", + "sourceRecordsHash": "06456564d704e1f8fd7b925cf90673b20ed0947753099154a6cbf78bd84a7069", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ea84d132b50c89545f64fd5d", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "suporte", + "routeId": "integracoes.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "63e7ba8751e7a55156738b06f126d6de6d37612eb5e3ec23a519217b831cf823", + "sourceRecordsHash": "ea84d132b50c89545f64fd5d78db70b0eae15d62af89bc3e220370702219c4d7", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5197bb5204df9ea60ae277d5", + "humanNextAction": "homologar rota administrativa consulta para integracoes/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "suporte", + "routeId": "integracoes.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1583ed9e3c1b3f62123b5906e5c75c0a5bc06058f164aedb556d8ec0d3c7da69", + "sourceRecordsHash": "5197bb5204df9ea60ae277d5ab03152ff2c7bd54f45a84b93e75e8589d4aea26", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-5775efb7d72ea48d1790a068", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "suporte", + "routeId": "integracoes.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "750c5e653043248602a6f61ce4fa5e896895e2df59cdcac35079f3c4b498abef", + "sourceRecordsHash": "5775efb7d72ea48d1790a068094f80721d35c5650bcaa54b4084504cb5fa34cc", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-da5a25cb79ae805041d212ba", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "suporte", + "routeId": "integracoes.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8a2dc2b1c0a2f954e782ecd9d6b00a1ebf3c1c32d0e833a121166cf5f0f93719", + "sourceRecordsHash": "da5a25cb79ae805041d212ba27e986e2efb7dc276c198ac308ed06ac4e159ba4", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9014a75fc2c99e6ad2c3ffdb", + "humanNextAction": "homologar rota administrativa acao para integracoes/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "tecnico", + "routeId": "integracoes.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "51bd6b66b008ee477ac8419b18cdc286f665e0704d7ded5d6696a92f51cc1f98", + "sourceRecordsHash": "9014a75fc2c99e6ad2c3ffdba0f2e23c959a459fcecb707326d993a25761600c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d96a91887a51c523242d6a09", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "tecnico", + "routeId": "integracoes.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "bea0970b456274f0f450eb292a27d9a78ee6e0fe2bed23473133ca68c3db0bc5", + "sourceRecordsHash": "d96a91887a51c523242d6a09203e13677a799b1ee6b8616caed7d219b570f7e5", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4d5d9dc754ec2a0459d3caef", + "humanNextAction": "homologar rota administrativa consulta para integracoes/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "tecnico", + "routeId": "integracoes.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "11aadc9bd88bc30b389727e73d094807e9ddf4d6d8352833dbc3bf10716be631", + "sourceRecordsHash": "4d5d9dc754ec2a0459d3caef6ca7a9fde2114308e22e35e952028f2be7dad8c5", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-fd064431c41ce024a0ebebbd", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "tecnico", + "routeId": "integracoes.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "fd7979977f43c152f87744ac8df864e72019008d2b759d3707e32c0764adac21", + "sourceRecordsHash": "fd064431c41ce024a0ebebbdcfe14578ecc281e1573dcf1c97787aa7d8a4183e", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8e89b3bad61e1613a09a9937", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "tecnico", + "routeId": "integracoes.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "93f7a22b359934855595bbce8345eec7da5a5969a5c129d2f19e7b55f110f0ae", + "sourceRecordsHash": "8e89b3bad61e1613a09a9937d8690d26b5c40ebfbd266838bd6fcf31999a34d4", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0c9f17aea4cd22d6d077b4b3", + "humanNextAction": "homologar rota administrativa acao para integracoes/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "integracoes", + "profileId": "usuario_final", + "routeId": "integracoes.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e705ff9197f0c14bdf32d57cbb664833d799f1749b42c799504361effa30ceca", + "sourceRecordsHash": "0c9f17aea4cd22d6d077b4b3f25238fd74b4a24c2417bdd0021a738d24f9ced5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-da9953ce1519cb30e25a1cd5", + "humanNextAction": "homologar rota administrativa auditoria para integracoes/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "integracoes", + "profileId": "usuario_final", + "routeId": "integracoes.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c454f4e650ce5bdd9728b3b74c5bc55a2bf447763e2f48b4709234a993d5e90a", + "sourceRecordsHash": "da9953ce1519cb30e25a1cd59cb7f561ddec6ce6c54337a543cbd1377b111780", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-dbe5a17c4500ad77cb79f433", + "humanNextAction": "homologar rota administrativa consulta para integracoes/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "integracoes", + "profileId": "usuario_final", + "routeId": "integracoes.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "17c8830e7aaad12d0e6f3f7445b7efe727cd5f8a67c48e7ab40b027a81e8b3b5", + "sourceRecordsHash": "dbe5a17c4500ad77cb79f433dae02993efd3033e9c30316e1a1d1e2e9578f857", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-53181bba1e402fb74ccdc6bb", + "humanNextAction": "homologar rota administrativa diagnostico para integracoes/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "integracoes", + "profileId": "usuario_final", + "routeId": "integracoes.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "d49c601f4ece8180f6ce1e5350a9863f54e567c6f29a09661d5a7d6702ec99b0", + "sourceRecordsHash": "53181bba1e402fb74ccdc6bb2ed5b86b77a294564fb4a458976fa4bbb9a60fd8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fae75eab89e7ddcab2bc948f", + "humanNextAction": "homologar rota administrativa explicacao para integracoes/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "integracoes", + "profileId": "usuario_final", + "routeId": "integracoes.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "53613b785e2441ed320025ed21c345ac6af31038b3334ffc6c00fdb157f64400", + "sourceRecordsHash": "fae75eab89e7ddcab2bc948f7c4c1d50fe92c881001baa96fb787aae7797a781", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e51fb10711afbbd6d6545eb3", + "humanNextAction": "homologar rota administrativa acao para intelligence/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "administrador_empresa", + "routeId": "intelligence.administrador_empresa.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "7b4bbc6c85282e3d269db08747c4b097d3e968f9805d31529fed9de27f83c6b3", + "sourceRecordsHash": "e51fb10711afbbd6d6545eb3cfdd00fef7c8e592f18a7e7b879a96e6775bf7b2", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-27abd82fae067bcf989f9f97", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "administrador_empresa", + "routeId": "intelligence.administrador_empresa.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "cbdc646df8ea926a8e9834608e301a0e7cefb0b14e9710e5773862ce43f44d28", + "sourceRecordsHash": "27abd82fae067bcf989f9f9766e9b22d182ccd7a3fff9f2a8f00f7c061d74bcd", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5aea8564ca36f345d35bb99a", + "humanNextAction": "homologar rota administrativa consulta para intelligence/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "administrador_empresa", + "routeId": "intelligence.administrador_empresa.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "88a82840148903c2451fc1b87aeab8f9e715926e4d38a5545c48acbf47379651", + "sourceRecordsHash": "5aea8564ca36f345d35bb99a853d9f2ab716adcf557187151937cb5e72146bd8", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a97f5b221a5ccbe73d8c3034", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "administrador_empresa", + "routeId": "intelligence.administrador_empresa.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "d57b8a83209623b8ce578342a512e3ac029e87bb60b79a898713758f0f0dfdf0", + "sourceRecordsHash": "a97f5b221a5ccbe73d8c303463fc8838df7ef840631d9855a661c8c0d083e542", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1f20a64247fad65d9714859a", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "administrador_empresa", + "routeId": "intelligence.administrador_empresa.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "2138faa3f202dc97d9b497232d51aba1bda09c3e8c5e5b8a70b01fffe1655add", + "sourceRecordsHash": "1f20a64247fad65d9714859ae55131327a4de7014f2a0fde2a55116360086b16", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-006804297874a769d850042a", + "humanNextAction": "homologar rota administrativa acao para intelligence/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "atendimento_cliente", + "routeId": "intelligence.atendimento_cliente.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "8d42aff90284e2f78efce5423f9cc1433c4dddb2d7d457cda0a960f4b3dffb29", + "sourceRecordsHash": "006804297874a769d850042a88a51450538c6e45d93e8350bc44cff914a15331", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8c24ba50740b0850092f4be3", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "atendimento_cliente", + "routeId": "intelligence.atendimento_cliente.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "abee78db89549fca71d458fd1068c2eaf0681865048933961ddb448aa8b96555", + "sourceRecordsHash": "8c24ba50740b0850092f4be375533a0134cf0ed81dc6f28d5e917c59ea0e8fdc", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c2c6bd281c0d0fe58528b69c", + "humanNextAction": "homologar rota administrativa consulta para intelligence/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "atendimento_cliente", + "routeId": "intelligence.atendimento_cliente.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "630a26365117730b8115dd165e5db2a5d378fba2b22623baa6457e21118b8788", + "sourceRecordsHash": "c2c6bd281c0d0fe58528b69cc68f66f35b8561a41d9f70a14d4f9dddd17521f4", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-76b190c91dd8419e5b134d0a", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "atendimento_cliente", + "routeId": "intelligence.atendimento_cliente.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "ac91df2d7b31c1aacaa06905ea3fb93ef126f12cbb04db291f434f8b167d1eac", + "sourceRecordsHash": "76b190c91dd8419e5b134d0ae2dd3e7627672ce59b31ef428c5f9a519d69db19", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-ce878b9d63510152bdc08121", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "atendimento_cliente", + "routeId": "intelligence.atendimento_cliente.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "de88e249b0cfa8dfca65c11e1541c07ee6de6be97375efd5d67aa062fdbcd8cb", + "sourceRecordsHash": "ce878b9d63510152bdc081210b3a88e9104e996368bfffa73fa660a72d98d054", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-f2f3159e1337f7f585d61f8f", + "humanNextAction": "homologar rota administrativa acao para intelligence/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "ceo", + "routeId": "intelligence.ceo.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "1ad197f9bdf5bcf358dc1e93a33c668d55df1387228a95d13bb9a57d649be66d", + "sourceRecordsHash": "f2f3159e1337f7f585d61f8f7b2111c2486f5342811d78ba4d6f415bc4f73c21", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-cbdd2f1e558af059e203894c", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "ceo", + "routeId": "intelligence.ceo.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "6a4877e099977f2aae689dcdc710358fe39e7fee6ed7b179f033be584fdc3b64", + "sourceRecordsHash": "cbdd2f1e558af059e203894c4b9b96284fdb253b2e83061133f05129a5bbd923", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b935c651cedf93542a691e8f", + "humanNextAction": "homologar rota administrativa consulta para intelligence/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "ceo", + "routeId": "intelligence.ceo.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "b4d6143eee53aa21c8b812f527c99f0da15a64c0ceb7604ff0f0c49740f781bd", + "sourceRecordsHash": "b935c651cedf93542a691e8fab6420cae2318843b3ff4e48a7a83f9ae681b8e0", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-2cf7916fe17777fbac6ec777", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "ceo", + "routeId": "intelligence.ceo.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "b5385f120180695b4e5165ae7ca2aba6f221e3791454a6af6bd12dba58e18996", + "sourceRecordsHash": "2cf7916fe17777fbac6ec7779741ada9ebbb9d93e1f8213d2a7ca607f83b6e43", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-579630bdbbcf01d24f523270", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "ceo", + "routeId": "intelligence.ceo.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "24e9c78ddedc81c99ca46923d872ef3b5734bb91cdc0e36e2cd190b8c6ec3583", + "sourceRecordsHash": "579630bdbbcf01d24f523270b7f9bae4b576cdde783e8c6d4ecc17e0032993c4", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-11aed14d148ee16449d85c9d", + "humanNextAction": "homologar rota administrativa acao para intelligence/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "cliente_externo", + "routeId": "intelligence.cliente_externo.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "d253bd36e061abcadc0d47585de77ed96fe70a9bd955a4680e07c34a52939b15", + "sourceRecordsHash": "11aed14d148ee16449d85c9d57c9141831f27e2f91f2464fb766bb7ec8963326", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2c1a27444b0cb28881ca49f7", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "cliente_externo", + "routeId": "intelligence.cliente_externo.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "3c58095a6b7695d63624ec386670fe542548bb6940bee1d1638697e265b0b377", + "sourceRecordsHash": "2c1a27444b0cb28881ca49f7944132a54bae5f4d9df07e00679cb95e00a750d4", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-eaaf0ce9bcffdb720df4b05a", + "humanNextAction": "homologar rota administrativa consulta para intelligence/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "cliente_externo", + "routeId": "intelligence.cliente_externo.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "c8830bd76196e8badaf7a4911d6ae55838fff3cd087dc06f71f46f1a6311ad10", + "sourceRecordsHash": "eaaf0ce9bcffdb720df4b05a4ec470637b558d77c6a6b3309ab0d91c2927ae9e", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8c49624a98d5e87a5532cec6", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "cliente_externo", + "routeId": "intelligence.cliente_externo.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "dbfe56097ea0e60994d1b6b860f3ee792ee37fc0f5869809d67c9361ec901318", + "sourceRecordsHash": "8c49624a98d5e87a5532cec6b193bbe5dfb99678dfb34196f7eb40bdd184c636", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-29ba543a38bf9796c3ce1cbb", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "cliente_externo", + "routeId": "intelligence.cliente_externo.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "7faa64493de29f6755f876d84438151288585dbca9de980f4aa27618c6f580b5", + "sourceRecordsHash": "29ba543a38bf9796c3ce1cbbfc53552ffd6b2169673ee2a5821d296117c96c00", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b014ba9470f3154146637a5a", + "humanNextAction": "homologar rota administrativa acao para intelligence/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "contador", + "routeId": "intelligence.contador.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "db122d00a203d8416ef8bd8028cde855776d78c990e09db0d9b50e24fe3793c0", + "sourceRecordsHash": "b014ba9470f3154146637a5ae6e5641cf13013166e6f3277b8f032eeecdfad4e", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-1e7c6bfd59dbd7f99af03729", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "contador", + "routeId": "intelligence.contador.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "855958ddd921a888443f0870272c329c00c962e4838959d8781af8413125c517", + "sourceRecordsHash": "1e7c6bfd59dbd7f99af0372905a4c66a01648f0e885e19b15c88643140f92a96", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c67169232182ef3a1f23436f", + "humanNextAction": "homologar rota administrativa consulta para intelligence/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "contador", + "routeId": "intelligence.contador.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "f119ddc8d2b349f9d6bb4407f5ef1799167712b43c5af585d47c4340db7e5726", + "sourceRecordsHash": "c67169232182ef3a1f23436f3b2892b7821b84ac2163e8e810a8b0a28b826004", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e518157558d8cd7c7887dd79", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "contador", + "routeId": "intelligence.contador.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "a517a628b4cc1b27af6624ee1799b3567655f8f18fcd1d5ba4e7c17fd4fa5563", + "sourceRecordsHash": "e518157558d8cd7c7887dd79f798b523c2cc449d14a0bce66194a15ca6710bf8", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f507e6b94d33db8ab8013630", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "contador", + "routeId": "intelligence.contador.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "272d0436ad59abf01a12f1e4ae6e3e0806427c873355044a4a248209eaa31e2f", + "sourceRecordsHash": "f507e6b94d33db8ab8013630a6d862ee7bd7bcf3353c7fb1b077fa50196d6454", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a638c957601742dad67267cf", + "humanNextAction": "homologar rota administrativa acao para intelligence/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "financeiro", + "routeId": "intelligence.financeiro.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "c1d39373659cda4bbdf15fe0bbe5524b692209a6e4c21c982227bc07fadd36e8", + "sourceRecordsHash": "a638c957601742dad67267cfd5834f150afb52efe58342931b60cbbe5ea05547", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4d014eb70cf1f7e95517165b", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "financeiro", + "routeId": "intelligence.financeiro.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "bbae576a71cf995585a7667df267490a06ac0113c8734e74a220f0a5e8926394", + "sourceRecordsHash": "4d014eb70cf1f7e95517165b11def79b0b51ab5e5a7949c67de587ad8881d737", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2e1739ea25b7d86cb67d42fa", + "humanNextAction": "homologar rota administrativa consulta para intelligence/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "financeiro", + "routeId": "intelligence.financeiro.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "74869ba316941a295c141f61b2475571f5fc230ef6cd8bebef2c3f3c90cf187d", + "sourceRecordsHash": "2e1739ea25b7d86cb67d42fae9d14c6505a14a19e2d6dd136359bd7310366542", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-5e8743c8742b2f5c74971740", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "financeiro", + "routeId": "intelligence.financeiro.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "838b3bd695d75fa50520cbb59e5e54fc39069150a4facbc65ab5171e3bf180b9", + "sourceRecordsHash": "5e8743c8742b2f5c7497174011e77a98e44b7e711b67c92b5756167f8b76ebf2", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f577edbd6b3a46e66079df6b", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "financeiro", + "routeId": "intelligence.financeiro.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "bc4a45cee886302641b4f6bbf835a24f8841d35690a2aed09bd94e5d85b8657b", + "sourceRecordsHash": "f577edbd6b3a46e66079df6bba6fda8b9db9689c819782d4f94eccb6ecbfbc98", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-79a20430a5650200240b728d", + "humanNextAction": "homologar rota administrativa acao para intelligence/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "gestor_operacional", + "routeId": "intelligence.gestor_operacional.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "f4e13857d86c11933146789c8577bbe74c4f9021a2623ad48e704442e8245b65", + "sourceRecordsHash": "79a20430a5650200240b728d12a0213cdcdbdeae4d4aac49799b6f8abf5a3f0b", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-f3ee937ccc839e6f72971c2c", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "gestor_operacional", + "routeId": "intelligence.gestor_operacional.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "575384c067cd4b5be3ff91d18a3a034e4043563cdf666a0610e47d8f62dc9277", + "sourceRecordsHash": "f3ee937ccc839e6f72971c2c06a4738e41a43aaef886efc579e882bd35ecb1bc", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3919b10a942f69e041e33502", + "humanNextAction": "homologar rota administrativa consulta para intelligence/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "gestor_operacional", + "routeId": "intelligence.gestor_operacional.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "0221c58a366b507dad77a731407e5ed53fb9f3e3518f20007dd513502253d679", + "sourceRecordsHash": "3919b10a942f69e041e33502bb1b669caf67bb34615161900720dc5f2ed615d9", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ac2b3b2879007775a9f3a246", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "gestor_operacional", + "routeId": "intelligence.gestor_operacional.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "b0c487ec1a850e615ba0b51c9c275df8c4651de2062fe429f712a248282e07bc", + "sourceRecordsHash": "ac2b3b2879007775a9f3a246196734792776cfeb2779865159bdad70245331a1", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-56cb3aee4ebb458290dc4ee1", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "gestor_operacional", + "routeId": "intelligence.gestor_operacional.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "622456ca85376f5bb02f28ddf5279f61c6139f0f26c8af13cb68076348e421c1", + "sourceRecordsHash": "56cb3aee4ebb458290dc4ee1ab647e466ce5785f386f204bbca979035b32647e", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c6488f4caf21dfeb87a678f1", + "humanNextAction": "homologar rota administrativa acao para intelligence/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "juridico", + "routeId": "intelligence.juridico.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "65f9799c46caf9f3e3328677ae1dcc4a795e7b3e0733c50cbbf0982a41cce1d8", + "sourceRecordsHash": "c6488f4caf21dfeb87a678f13decd2cdd06ac54fd6ac74c1e4e940620c449d29", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-f7e7d30a62e45a9f0fd63895", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "juridico", + "routeId": "intelligence.juridico.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "0fe9221139b8d391f8ffd7a26aa6f2b44da38545874c6f1adf782f65021bd5bd", + "sourceRecordsHash": "f7e7d30a62e45a9f0fd63895405d95d42bd1dff0785f19db24b62a7997bba8c5", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-52b702171ad75f41762b84d2", + "humanNextAction": "homologar rota administrativa consulta para intelligence/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "juridico", + "routeId": "intelligence.juridico.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "5d6f57d8517eb2fa55df31169ab720babf86d8bf1d92fb73bcc15a15244f58a6", + "sourceRecordsHash": "52b702171ad75f41762b84d222e4e7f06721c70130f26813e07924d6c593f02e", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e8673d5d261658103edee90c", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "juridico", + "routeId": "intelligence.juridico.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "6521273f2d35690f7724c93a0b8a67044aac53d2b1e7f113797b21fa37435855", + "sourceRecordsHash": "e8673d5d261658103edee90c25a406a655fc07b330ddf710542bd636930f1d36", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-cc04e38b5dced9c946e1f6b6", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "juridico", + "routeId": "intelligence.juridico.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "534911ac29baea077dc12b89dd928d6c236a0396ca042738467d1a46e5d7d51d", + "sourceRecordsHash": "cc04e38b5dced9c946e1f6b68d44a73547ae08af49e2f0abd41cb23f312957c4", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-3f365cabffcab3ad2b19d5d1", + "humanNextAction": "homologar rota administrativa acao para intelligence/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "planejamento_estrategico", + "routeId": "intelligence.planejamento_estrategico.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "0a174949ae0394430fabe8e8851d91e75b903a9cde9cb9cd6b16a8dbf4b90ad6", + "sourceRecordsHash": "3f365cabffcab3ad2b19d5d186d6fc733b6fdea6935a0f577c1c1b93ba067894", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4d2196bff50ff432c770efb1", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "planejamento_estrategico", + "routeId": "intelligence.planejamento_estrategico.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "07be2057c165c6e1bf8c4ad180eb5e13fccd15cba92fba690253126341006735", + "sourceRecordsHash": "4d2196bff50ff432c770efb1e142ef6e932c546e46b3511d8058370027eca387", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-36d9f919a330b107e731c039", + "humanNextAction": "homologar rota administrativa consulta para intelligence/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "planejamento_estrategico", + "routeId": "intelligence.planejamento_estrategico.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "00927dd48f69cbdd09772a3adda97f1e50178c0bbd06dbc97ca0961d477222da", + "sourceRecordsHash": "36d9f919a330b107e731c0395ce00a3001e01a2583f01d9850491943a8a6cdeb", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-1ec5d2cd453318c0ed4e2bcd", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "planejamento_estrategico", + "routeId": "intelligence.planejamento_estrategico.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "c31a9b7b5774aa68900ddea30970b06e953218fa286a17ec75691e55f9295299", + "sourceRecordsHash": "1ec5d2cd453318c0ed4e2bcd7f0becc7f0beca360d8d7e3ebe6d315ca0414266", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8be1669593e780018ed9ba68", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "planejamento_estrategico", + "routeId": "intelligence.planejamento_estrategico.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "e917f38da6bd5d5a2075a5acfbb9105c01548397b9626c7a6bfa1d9007450b92", + "sourceRecordsHash": "8be1669593e780018ed9ba68bb621d1acbd8874d6288eee9c9208dbe83e8fdbd", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7c7776f90948fda7891e450b", + "humanNextAction": "homologar rota administrativa acao para intelligence/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "secretaria", + "routeId": "intelligence.secretaria.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "6ea55d2f9df8d1756a7087aad0bc4390fac2dd011834fe450e298dd960862ed6", + "sourceRecordsHash": "7c7776f90948fda7891e450b892f7c71cda1458a8e52f4e238ea6effbbb0ea06", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c7dcb1ae8de85d29ebef497c", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "secretaria", + "routeId": "intelligence.secretaria.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "40b78d042e1d456521cc0b946c867b57f9b24d411a5fc4e4d183a3c234d31221", + "sourceRecordsHash": "c7dcb1ae8de85d29ebef497c8f34a16fed3f2ee48acea662b5821dc7fe93f741", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3edde4c82aece8f300b10a6f", + "humanNextAction": "homologar rota administrativa consulta para intelligence/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "secretaria", + "routeId": "intelligence.secretaria.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "f3bcad373238a4f11eb5ae43f17e6a228630866058a184f58ab68a6aa7a3c5f4", + "sourceRecordsHash": "3edde4c82aece8f300b10a6ff21a5a88671f850b56a561af00326825e581c072", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0a774c117757bff38bf1f4e0", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "secretaria", + "routeId": "intelligence.secretaria.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "5d2d167d6ee31d7865092f2b83a04bb8252f504d81c413798d5d37dcd926777e", + "sourceRecordsHash": "0a774c117757bff38bf1f4e059535a222d4ff15afb613305c40cf7ecc742209c", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4e58db4b57e9bc4c47fcc4a1", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "secretaria", + "routeId": "intelligence.secretaria.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "731ac342ceb8c12e3b784b584ab6cadc9c0f6d19d3aab5b83388ef13fc522164", + "sourceRecordsHash": "4e58db4b57e9bc4c47fcc4a1241fa3c976d4556075149c1a0b6dc9dd299e6c43", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9d47834080979dff3a96b0d5", + "humanNextAction": "homologar rota administrativa acao para intelligence/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "suporte", + "routeId": "intelligence.suporte.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "90e8a04d184ad679c6097e62fb04c0793843dd66d1637874b254d3d7da902cbe", + "sourceRecordsHash": "9d47834080979dff3a96b0d524a1b55f956d2a25fb7b1c535bbb89be60a4aa6c", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-41e25d28fd1690aea547fc1f", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "suporte", + "routeId": "intelligence.suporte.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "694c7ae559ea4ac7f6d15141d0cb8aacb05fbdbf44cde2a10fd2ea075e6d07e3", + "sourceRecordsHash": "41e25d28fd1690aea547fc1f6a63c501cda0c155eddb94843b9967e3830d8156", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9981db04001cece8f9521605", + "humanNextAction": "homologar rota administrativa consulta para intelligence/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "suporte", + "routeId": "intelligence.suporte.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "350c6434829ddf0fe43836c4cf25f8b29e1de627847a9436c99232395691d05f", + "sourceRecordsHash": "9981db04001cece8f95216056340c3d4438445344dd5334169180ff489539948", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ccbdf29e6b7b7fb6139791a1", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "suporte", + "routeId": "intelligence.suporte.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "2897e5662416bc4abb2573cf90505646513ac2a5a94ec149a50163e93c37ce06", + "sourceRecordsHash": "ccbdf29e6b7b7fb6139791a1ffecd22b1080d1e5ee0aaf131447721172bc196f", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fef1685d1556ed27fa5d580c", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "suporte", + "routeId": "intelligence.suporte.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "8c0d9c196bb644f535b64fcad711c023453aecf23d708d0666eb762c6804d7ee", + "sourceRecordsHash": "fef1685d1556ed27fa5d580c385bcb593acd58c5454938f0721c75db35c8a6a2", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7bb5d562b90c0c52c50d301e", + "humanNextAction": "homologar rota administrativa acao para intelligence/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "tecnico", + "routeId": "intelligence.tecnico.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "08b05daa1587969772043a081c928e38445fd8153ba3bd6341a73f859ad81349", + "sourceRecordsHash": "7bb5d562b90c0c52c50d301ebb61bef096be8fb671698c4b312ad4c34e2a2cbe", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-a32854225aaeb19aedc12f5c", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "tecnico", + "routeId": "intelligence.tecnico.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "a8de96836c9820424f1548d7e9b58adeed78f7c405bbbff3a7167fcbc39d4293", + "sourceRecordsHash": "a32854225aaeb19aedc12f5ca59bff839a0aa664b456d00a2dcbdc7fddd440bb", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-a91d571bd1319c6d1e7647e5", + "humanNextAction": "homologar rota administrativa consulta para intelligence/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "tecnico", + "routeId": "intelligence.tecnico.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "6c7372afc6c574c14cc21f75564919ac9552f343a039e0d9b306f8964d95d370", + "sourceRecordsHash": "a91d571bd1319c6d1e7647e54a560bb1dd6e86c36e18ddd936fe322dc4f16d25", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4970930f34fccc58277f65dd", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "tecnico", + "routeId": "intelligence.tecnico.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "3a66303d2ee24b66502d7299cb54c82adc1e91cba10be579595161e48fe443d5", + "sourceRecordsHash": "4970930f34fccc58277f65ddfc43f1979c1ae901b846d141d59bdc814f27937e", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-04e4410ef3c227c94b63d102", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "tecnico", + "routeId": "intelligence.tecnico.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "f70279fba9128c733ef8c6643bb470be8d75ea3e9fe1334d9198dadc2e4d1d77", + "sourceRecordsHash": "04e4410ef3c227c94b63d10242685ab0097799c34237fed1325c7c2ef579dfbe", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e925fd4b74aa5ffaa3f4683e", + "humanNextAction": "homologar rota administrativa acao para intelligence/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "intelligence", + "profileId": "usuario_final", + "routeId": "intelligence.usuario_final.acao.administration-route", + "sameSource": false, + "sourcePayloadHash": "09ea6123d6e64733349fd0967457e9d9a17ffd61339039b41933d5c5a0b44239", + "sourceRecordsHash": "e925fd4b74aa5ffaa3f4683e777cfd84247b38a98f6b0e412e08c8634fdda97e", + "status": "blocked", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b914287b979293728ee78782", + "humanNextAction": "homologar rota administrativa auditoria para intelligence/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "intelligence", + "profileId": "usuario_final", + "routeId": "intelligence.usuario_final.auditoria.administration-route", + "sameSource": false, + "sourcePayloadHash": "4f1956c8a3f657f82ee84c2b4eff01ad8c9e24ce5a1b529c86b65e795f171232", + "sourceRecordsHash": "b914287b979293728ee787820ae696e65a1df00bee5da94f949d5331449a0c08", + "status": "blocked", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d78dc30e912612037e7e8763", + "humanNextAction": "homologar rota administrativa consulta para intelligence/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "intelligence", + "profileId": "usuario_final", + "routeId": "intelligence.usuario_final.consulta.administration-route", + "sameSource": false, + "sourcePayloadHash": "05d0bc0f4fe99c0f425bbf64cbe98006f99e83a36909f4a9ce14de9e613c083f", + "sourceRecordsHash": "d78dc30e912612037e7e87630231d0a19a2c750bc229a2ba0b4d4974187da730", + "status": "blocked", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-318d37a9b539a966c8eba0d1", + "humanNextAction": "homologar rota administrativa diagnostico para intelligence/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "intelligence", + "profileId": "usuario_final", + "routeId": "intelligence.usuario_final.diagnostico.administration-route", + "sameSource": false, + "sourcePayloadHash": "4004d2d94bdf0a7516017c73fa8aad59eee3878a2dcbe9d11f98705884995382", + "sourceRecordsHash": "318d37a9b539a966c8eba0d13b9e532d80aa5beca5498c4642e759c7225dc2da", + "status": "blocked", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-197064a1a9c4f5151b8aaf71", + "humanNextAction": "homologar rota administrativa explicacao para intelligence/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "intelligence", + "profileId": "usuario_final", + "routeId": "intelligence.usuario_final.explicacao.administration-route", + "sameSource": false, + "sourcePayloadHash": "c0733965eaea19e5db93d1810878968e6ffa3d02a80bdae57b7dc1797d006e99", + "sourceRecordsHash": "197064a1a9c4f5151b8aaf71e9f6d2f1175b90ddfa74d1a34b91afba389bff1a", + "status": "blocked", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ff3cb5d7815bce1ebff74644", + "humanNextAction": "homologar rota administrativa acao para mcps/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "administrador_empresa", + "routeId": "mcps.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "731eb137ab8e9762e7233dbffa5004847dc346ba1249ef198c88606e75ed2b22", + "sourceRecordsHash": "ff3cb5d7815bce1ebff74644ba78a3bbba0eef09a88ed0c3ecb332e8029a0a52", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9ff5eced39a12c02a3bc15cf", + "humanNextAction": "homologar rota administrativa auditoria para mcps/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "administrador_empresa", + "routeId": "mcps.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0a2f80d14bd84522bf92e1fc25d5e448b91e19081e34079b6ca4669a5895a42e", + "sourceRecordsHash": "9ff5eced39a12c02a3bc15cf4dffa73f1fffd4747cd9a1d383c5b10c8b757b47", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9347d368f74fd8c55e7f0354", + "humanNextAction": "homologar rota administrativa consulta para mcps/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "administrador_empresa", + "routeId": "mcps.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "855fca03c20d6b6c195629a84e969092d5fcdab33a6ecabb87bf79d7f5fbae39", + "sourceRecordsHash": "9347d368f74fd8c55e7f0354321742ea2abe196665f92c3b8e5ccf0b0173c73d", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-bad9c3151339bb859220ef80", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "administrador_empresa", + "routeId": "mcps.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "647612572edc77a2b1d451f7f5a347d5efe0d13e5d94c10e7d9b6d14bb4431b1", + "sourceRecordsHash": "bad9c3151339bb859220ef808cbd96fe66a5b7a780d4186afe1879d9216af855", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-7e1284940968cc106f2576da", + "humanNextAction": "homologar rota administrativa explicacao para mcps/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "administrador_empresa", + "routeId": "mcps.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2e1191efe1b707d7931c4b3c1c9ab90eb40d03f4862ec43f97bf543127ffd0f2", + "sourceRecordsHash": "7e1284940968cc106f2576dacced19a6ab07433c550b6c5302889cb20a0104ef", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-17872d16f41e8f9eaf2d7198", + "humanNextAction": "homologar rota administrativa acao para mcps/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "atendimento_cliente", + "routeId": "mcps.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e077023f0d69f4fcd2dc05638c1dff613a17c2e43d62d5692853a1cdf007b31a", + "sourceRecordsHash": "17872d16f41e8f9eaf2d7198e6d2e672454e84ce96628ee771716a7b153fedb4", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e8093a4f2c25eb901ec67f66", + "humanNextAction": "homologar rota administrativa auditoria para mcps/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "atendimento_cliente", + "routeId": "mcps.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c204989602a42f654368d40606e74533fc171942632e299568c36b0ab9329ad3", + "sourceRecordsHash": "e8093a4f2c25eb901ec67f665f180af91852fafd0a11f3de15db649505813b8d", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-1a02886aaf226efaaeda7cd6", + "humanNextAction": "homologar rota administrativa consulta para mcps/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "atendimento_cliente", + "routeId": "mcps.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "7efa6001a0b1660a4b2830c43b4fb222b3e87617872780e50ca809c086ce015e", + "sourceRecordsHash": "1a02886aaf226efaaeda7cd67987d34918a92e286d7253feb855a8d7a32ffd0d", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f6159e65ab0519d040be1f9e", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "atendimento_cliente", + "routeId": "mcps.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "75c47062d4bb4f08d083f11152f5495a4227258242e28251d4bff09ddadb56ac", + "sourceRecordsHash": "f6159e65ab0519d040be1f9ed056c08b5b28e8127d8970c343a69855c15ef1f8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f8cc2df9cc6e3f08d0e1367e", + "humanNextAction": "homologar rota administrativa explicacao para mcps/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "atendimento_cliente", + "routeId": "mcps.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "705174c3b814d20949623935be1eff471024c37b4b4c604adb383fb5cf255c58", + "sourceRecordsHash": "f8cc2df9cc6e3f08d0e1367ea7bbf5a9cd9f03d8678855189e2e389f26c2b7f8", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-80bcd12139e3bab80c207b5f", + "humanNextAction": "homologar rota administrativa acao para mcps/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "ceo", + "routeId": "mcps.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c220c7ee2bea99b3af8d5f0ed5023edb0b67c65fa488f3493b6ebd415d3fea3a", + "sourceRecordsHash": "80bcd12139e3bab80c207b5f6a2c87ac8da4213625d40b94c0a65a82436f91f8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-c045116584ecb609b1d7c548", + "humanNextAction": "homologar rota administrativa auditoria para mcps/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "ceo", + "routeId": "mcps.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f045483e929acd7e7b76a7018c1d6a13342b3194be797be34b3838f97b2c78d1", + "sourceRecordsHash": "c045116584ecb609b1d7c54876edbc241b89a58f6e9d0d6f96d42d364917a757", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ba64660a7d5d9d75537b532d", + "humanNextAction": "homologar rota administrativa consulta para mcps/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "ceo", + "routeId": "mcps.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "13bad212bf66848f7a5c541ca7ecd17cb8863b2530b261b5e1b3bde7556dc951", + "sourceRecordsHash": "ba64660a7d5d9d75537b532d4c65d63ba27abf49aae0d1f0eea156830d4eec5d", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-b8ca619a4607edef85926d56", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "ceo", + "routeId": "mcps.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "a6c2057d78d470e51b592adce57024059cd959563e92ebde0c4db078c3fc2a1e", + "sourceRecordsHash": "b8ca619a4607edef85926d56755674c7ae3dfa7df708bf0ad40816c2563f543e", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-aca55df20dde5d7720958b9a", + "humanNextAction": "homologar rota administrativa explicacao para mcps/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "ceo", + "routeId": "mcps.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "11afd23a5b817e1424efa54e9ca9adfcd56aa24bf64c40812d48b66e8982315f", + "sourceRecordsHash": "aca55df20dde5d7720958b9a27d42ed38975b905a353ef82b14512500d1650a9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dccfe9a9477b956b3e86af69", + "humanNextAction": "homologar rota administrativa acao para mcps/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "cliente_externo", + "routeId": "mcps.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2612de095b5c6e8737f3e0c5e2209200a989778acd946321588c228f41c75ae0", + "sourceRecordsHash": "dccfe9a9477b956b3e86af69a0e622f2e1eb7f30286ad9a12c4cafc28a13409b", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4975723a7aeeeb762ae719c7", + "humanNextAction": "homologar rota administrativa auditoria para mcps/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "cliente_externo", + "routeId": "mcps.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "26534ccc5a408ccfeb5c47ab606bcdada8bb0e6542b3d9e4f3b72316f92c89fc", + "sourceRecordsHash": "4975723a7aeeeb762ae719c7614c5d6aab8128a6073b031465e80bb01b8c0817", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-59bdaf0880f79d05c5126856", + "humanNextAction": "homologar rota administrativa consulta para mcps/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "cliente_externo", + "routeId": "mcps.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a0bf7503450e704c9bf250f1365f14d5a822dd26bfdc03b1c9a28c00fa734bd0", + "sourceRecordsHash": "59bdaf0880f79d05c5126856922f9fcad35eab3914aeab17928ddef248468d5e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e58f51d466dc73633f298b7f", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "cliente_externo", + "routeId": "mcps.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "5be1e7d080b6f216924c8b13ed6e7d43e3065efe1d6acaf82a7ea16bdaad6258", + "sourceRecordsHash": "e58f51d466dc73633f298b7f168a1e3e1e9e25335eddd3125b3dd123b965500c", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-374ba4ad0a09ebecc4325bc1", + "humanNextAction": "homologar rota administrativa explicacao para mcps/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "cliente_externo", + "routeId": "mcps.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3cfd63a789cc1b63e3906ecb5f5b16abca1faa59d699973c61220044c1994eae", + "sourceRecordsHash": "374ba4ad0a09ebecc4325bc1a240ed2093cc4d6dcddbc71cc4043dbeaf2c269a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-719cc211ea59a402ed9f4707", + "humanNextAction": "homologar rota administrativa acao para mcps/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "contador", + "routeId": "mcps.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "014d8c8969febec0ca23089473749bb7563952810a214683c742e5c709d2b0d4", + "sourceRecordsHash": "719cc211ea59a402ed9f47073398a493c2355c2e649099a2a07ebf7f80725c76", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-f6d3e337f98bdc4e514d3871", + "humanNextAction": "homologar rota administrativa auditoria para mcps/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "contador", + "routeId": "mcps.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "a080d00753f33b535ac9d8bcd48895e64b2f5d1554da6a7c0694ac2ade99e8b2", + "sourceRecordsHash": "f6d3e337f98bdc4e514d38717de712f0a6c99111032d935f2b0b5dea25c08d32", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5d965deeb3b92a83dabd5336", + "humanNextAction": "homologar rota administrativa consulta para mcps/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "contador", + "routeId": "mcps.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "723e83733a670e7e116c3be8668c95e6431a20568f6bbbc143f91cccfd4323a1", + "sourceRecordsHash": "5d965deeb3b92a83dabd5336fdb6fcadea37104de3e943a7754e6cdca23f9ba6", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d563ccd356b9ff1b95573d9f", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "contador", + "routeId": "mcps.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "2e6547446ddbf9ec9268307cf52591413f8cb8110620e97689b6104570187108", + "sourceRecordsHash": "d563ccd356b9ff1b95573d9f2f8d24ebfc5f3960fb1af6f7d29f654ca4ee400e", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4af571b1d285771cbc78ddee", + "humanNextAction": "homologar rota administrativa explicacao para mcps/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "contador", + "routeId": "mcps.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1a698cc4560422c2c3df0c9302affaff263846b4170627158600962a01b10be5", + "sourceRecordsHash": "4af571b1d285771cbc78ddee4bfee4fbea84cfe22a75493ffce694d58c5fc20c", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-92a98dfd414054a33bf0c718", + "humanNextAction": "homologar rota administrativa acao para mcps/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "financeiro", + "routeId": "mcps.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a3a9dc5b31c21f7c7d79ed5f04f552b896a7b97638ba927495f8e5a14c42b168", + "sourceRecordsHash": "92a98dfd414054a33bf0c718685fff12fb041c34b2bf1c61eb066959bf6431ba", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b9936ee9a3ea8b0176bb7df3", + "humanNextAction": "homologar rota administrativa auditoria para mcps/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "financeiro", + "routeId": "mcps.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "95ac0e6200feb5e229d0b11cbd2ab0656863c5242c0c8c5730c82b437a35b9d2", + "sourceRecordsHash": "b9936ee9a3ea8b0176bb7df31eb5bf83d85ec813706d77aff6803741403c4853", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f301fbfec2358b733be30490", + "humanNextAction": "homologar rota administrativa consulta para mcps/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "financeiro", + "routeId": "mcps.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "d737c250a144ebdb77b27cc6376d3c908f823e55d9560d03a5f9c03c62e66902", + "sourceRecordsHash": "f301fbfec2358b733be30490a35bad54fa2e85a0de368f767b44876366531730", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f0d5209c1a5a9a9a33806ffa", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "financeiro", + "routeId": "mcps.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8d8abd58179250d2e9730acb6e4bfda695e0d249d8896aecaafaaf005f94fc9b", + "sourceRecordsHash": "f0d5209c1a5a9a9a33806ffa0ba4ec4244e0ac7f0a746af5025375d83422eefb", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d79aa10fdcdeb68fb9674c24", + "humanNextAction": "homologar rota administrativa explicacao para mcps/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "financeiro", + "routeId": "mcps.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1768dc28595c9ecaf4600d4115e858accfaae619085f791837dd8262f8fa0582", + "sourceRecordsHash": "d79aa10fdcdeb68fb9674c2492c05cfa31dbe60b443bd6253acc51f99555dad9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-bd29f454b2e66cb17ee1e91c", + "humanNextAction": "homologar rota administrativa acao para mcps/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "gestor_operacional", + "routeId": "mcps.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4b29fd812cc198f55d1d0d88c54d7eac8966d60bbbb4cf2a95d40aecb208f22b", + "sourceRecordsHash": "bd29f454b2e66cb17ee1e91c895f6940f9c9e76537c561ab81265b2d4879e265", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d7b5f8d62f34b390904101eb", + "humanNextAction": "homologar rota administrativa auditoria para mcps/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "gestor_operacional", + "routeId": "mcps.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0cf290bf33698dc85504a0187f18385ea5a24337fd2ad85761e3fd370738b187", + "sourceRecordsHash": "d7b5f8d62f34b390904101ebf13a7d3feaac920fbeafff99f593a1764632386c", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d90af0ddde1e6e008552129c", + "humanNextAction": "homologar rota administrativa consulta para mcps/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "gestor_operacional", + "routeId": "mcps.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f0048bec76df852e740e173d09df8f473213f30d4ce24dce609232a88a5d1e69", + "sourceRecordsHash": "d90af0ddde1e6e008552129c131abc9bd8ebbcacea19519530ea866a50bdfdc8", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e08e9d7c5ef7ba70959d2f31", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "gestor_operacional", + "routeId": "mcps.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "61255324537dad05c17ea8a749063ca24522fceeb2b2e581136927725a048304", + "sourceRecordsHash": "e08e9d7c5ef7ba70959d2f313dec80010dfc933f8b5968b387299e6056b3f415", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a0cf5577842151f34cf24883", + "humanNextAction": "homologar rota administrativa explicacao para mcps/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "gestor_operacional", + "routeId": "mcps.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3a14bf496cc1078a075cc8ac0c8b1fae126011fb723992467907bc9e5c954087", + "sourceRecordsHash": "a0cf5577842151f34cf24883b28a6cbd35122004121902bb0c519cfc44c1d304", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dc9f6ccf80844bc8721c714a", + "humanNextAction": "homologar rota administrativa acao para mcps/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "juridico", + "routeId": "mcps.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2aee1a7934602713da88f5eb6a3ab447729e1fca90edb9b84448ca3b53665a7a", + "sourceRecordsHash": "dc9f6ccf80844bc8721c714ada2317cd6aacb0e5cd6be57f1b4f291be9569cc5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-824da85c88101f8f623a8e55", + "humanNextAction": "homologar rota administrativa auditoria para mcps/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "juridico", + "routeId": "mcps.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "0e8cab4cf54f2707e7bb353d4ab06fd180ac3427062107959227475814fed3e6", + "sourceRecordsHash": "824da85c88101f8f623a8e55f0ab3688d28870d265fd45a1b84e21a4bf7e0c98", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3232ea78796077cb1b1fc18e", + "humanNextAction": "homologar rota administrativa consulta para mcps/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "juridico", + "routeId": "mcps.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "0eb96c645782ddfeb53d6b10b5cd87db75a8d9d70fb67f4b147c98fbabd293be", + "sourceRecordsHash": "3232ea78796077cb1b1fc18e6910631d72db90466afc069708c0935f3d8aa298", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-475db604c79db056c3e5c929", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "juridico", + "routeId": "mcps.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "73ae253ac331f44ab12fb8c5a91700ed396466be3ac47af4918232a20ee0ed72", + "sourceRecordsHash": "475db604c79db056c3e5c929ae950f8f178a3173c782aa5b1dcbb8c2c2885f93", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fcbc4a44dfb49f4159b95fd2", + "humanNextAction": "homologar rota administrativa explicacao para mcps/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "juridico", + "routeId": "mcps.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "95b4ba80cbfb1cc6a061a49cbf7964f677f4fd03c7c16728fd1a9bc8d04f0557", + "sourceRecordsHash": "fcbc4a44dfb49f4159b95fd2691400ae7d72e260ce662d02b2d63f5f261cee48", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-fff1ccac685319cdf8bffbf6", + "humanNextAction": "homologar rota administrativa acao para mcps/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "planejamento_estrategico", + "routeId": "mcps.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9968ce075c30d744ae5ec23338e88ac5e842e1344abcb4a2cb14bcd80dfabfe4", + "sourceRecordsHash": "fff1ccac685319cdf8bffbf681f0622b8d462ce11c6469c126b512cdff31e75e", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b499e2611c74801c59c3c400", + "humanNextAction": "homologar rota administrativa auditoria para mcps/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "planejamento_estrategico", + "routeId": "mcps.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b6562741ed6962fdfd05b3885d000c09d491f86ceba36d64175a738409722cab", + "sourceRecordsHash": "b499e2611c74801c59c3c400781ade33aa3abe22980aed8addc41afdcd459ad0", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d021810f3449196c500a4461", + "humanNextAction": "homologar rota administrativa consulta para mcps/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "planejamento_estrategico", + "routeId": "mcps.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f834f6ca3ed86c393c94b6880f66c8b211850512059cfcbccadf60e57f36c6fc", + "sourceRecordsHash": "d021810f3449196c500a4461a1191c6f576e4040efb58b095645d9ef9751b2b4", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-54f32d27405cb76107af9398", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "planejamento_estrategico", + "routeId": "mcps.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "fb7d9eb99e39457890a8e151499b94a45330cd394d3ec300234659b105712365", + "sourceRecordsHash": "54f32d27405cb76107af93984ddc1148fcb2fa6229687893bd1765a450df437d", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-99f93b2c5c026440341a9def", + "humanNextAction": "homologar rota administrativa explicacao para mcps/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "planejamento_estrategico", + "routeId": "mcps.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e56a6874b9579090984a7cd5b9731fcec680698504cc41f85ccd4571ec4662ca", + "sourceRecordsHash": "99f93b2c5c026440341a9defcdda10c50a3c069d0f8a3421285cc66debcc63cb", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b6cf45b5966d4ef50ab4693a", + "humanNextAction": "homologar rota administrativa acao para mcps/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "secretaria", + "routeId": "mcps.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7bd56540fec188f1ebb72132f1b79c444134293263e7ca93e8c19f81319df003", + "sourceRecordsHash": "b6cf45b5966d4ef50ab4693a9aa6f2c9bab717a340d165312dc6b34cc6c545b1", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-80bf0d845797a5f6daf0a15c", + "humanNextAction": "homologar rota administrativa auditoria para mcps/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "secretaria", + "routeId": "mcps.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "485637ecea37663ff0785d90bb46366858b1a4da03c18f8cb9e28b1d50dd101d", + "sourceRecordsHash": "80bf0d845797a5f6daf0a15cfd27a5afa24fcf7ac5e5e5a0b4438bdfb3b126cc", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-eecc3fcb8014ed3c4d6ce8ec", + "humanNextAction": "homologar rota administrativa consulta para mcps/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "secretaria", + "routeId": "mcps.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "051ed5abaddd2eef72fe82f62e74f9c5adbe348827e756950d6edb66da3768e0", + "sourceRecordsHash": "eecc3fcb8014ed3c4d6ce8ecf71621db60de7e6c2861ddadbbc7be3551434936", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-de8683d64a31bf51f50c0c3a", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "secretaria", + "routeId": "mcps.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "7d0d34ef87ab7817acea56d79ef5a3f2385e1b90f2ce01c14420d8413643047e", + "sourceRecordsHash": "de8683d64a31bf51f50c0c3adab871602bde0b1f79c85101e7b378b11e959d50", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-5296d5ba394e8ab766e15f03", + "humanNextAction": "homologar rota administrativa explicacao para mcps/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "secretaria", + "routeId": "mcps.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "09e2bf7746d24efdf9ac5890fa420fd8a694d02b687c2d7af7f68278942ce0ed", + "sourceRecordsHash": "5296d5ba394e8ab766e15f03b2fd07c6cbc27c7e6670c73c62479a77160c528e", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b7c055d2958976df84d6e83b", + "humanNextAction": "homologar rota administrativa acao para mcps/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "suporte", + "routeId": "mcps.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "da1a22cbfdeb2dce253c9eaceec2f4a1bc5dbeb6e7caa8d64b7ee715a524e229", + "sourceRecordsHash": "b7c055d2958976df84d6e83be31cfd0696ae942c05afcdc2d900bc02ca8942a5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-486670ba3e75b7a635a515f8", + "humanNextAction": "homologar rota administrativa auditoria para mcps/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "suporte", + "routeId": "mcps.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "08071fe221c6b46e54bdde1665335d8b1e9ecacef0194c62502189bc4d917c2a", + "sourceRecordsHash": "486670ba3e75b7a635a515f8ae353f853ec7e9b4ec28174caa4a437044fe823a", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ab7c1db1f7de211ebd03428a", + "humanNextAction": "homologar rota administrativa consulta para mcps/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "suporte", + "routeId": "mcps.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "42564f113b24d53d65f30a1397476f92a8c774845974e7c2cbc72945ed703eb9", + "sourceRecordsHash": "ab7c1db1f7de211ebd03428af22adde8ad0eaf7b0f989da99f3886e193474b70", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-40ee418eea684a1366eada24", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "suporte", + "routeId": "mcps.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ca653879320778785b5def25d846657dd46c4860daa895e659fedda00519d6e5", + "sourceRecordsHash": "40ee418eea684a1366eada2401bd9ce7f3eec12c64602ec3fd1f8ce9c54fedf5", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-adcbc0389692e69e5bf59402", + "humanNextAction": "homologar rota administrativa explicacao para mcps/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "suporte", + "routeId": "mcps.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d3da5546e53b86abeb53bf29ee606a2fed00d286a3b47dd005d26896948e0850", + "sourceRecordsHash": "adcbc0389692e69e5bf594028b55b4d922449ce331a88dcccfb3f387001843a0", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-89479cca7c85ddb6e1859669", + "humanNextAction": "homologar rota administrativa acao para mcps/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "tecnico", + "routeId": "mcps.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d9bc4f5be7b90aaff306430cf25973dcc30904312d6a1e5d0aedf2eaedfc451", + "sourceRecordsHash": "89479cca7c85ddb6e1859669efb162d201e85543896e1404e7b5a9a5a8e01081", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-52579cebc040238f21659eb9", + "humanNextAction": "homologar rota administrativa auditoria para mcps/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "tecnico", + "routeId": "mcps.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "6a502b9650bf7a12ecee791de72cfa3ef5a333aafbe9e6d6699fdabc6aedc749", + "sourceRecordsHash": "52579cebc040238f21659eb9542294d01b6a6ae9c4438c022a68663121f31035", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-de76cd086d2bb8364ea10224", + "humanNextAction": "homologar rota administrativa consulta para mcps/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "tecnico", + "routeId": "mcps.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3da911bd04c7af334a4affea60d6ca487ff0a2bb4bcd1d05fd30497a2b734b98", + "sourceRecordsHash": "de76cd086d2bb8364ea1022492d6bd08ead1d2708614fae2995869c78a42cd7b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3fdbc3064f1840eb0528c451", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "tecnico", + "routeId": "mcps.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e20054b16e19e9838048f0ccecfdaf1e88f92ad0731012345a374bbcc906615f", + "sourceRecordsHash": "3fdbc3064f1840eb0528c4512e5aedc5ef2078a445b355707c800fbbbccb1d4a", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-addd8b65c3355261eceea2b0", + "humanNextAction": "homologar rota administrativa explicacao para mcps/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "tecnico", + "routeId": "mcps.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "07a6fcc51fd462c0275c57ad08b78185fd9bed8f48ea5faf39b63c136ee8b4f7", + "sourceRecordsHash": "addd8b65c3355261eceea2b0c74d42cab85e8a7206cc2d20c4c95734fbc8da77", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-c7e83904604f2c94d1571293", + "humanNextAction": "homologar rota administrativa acao para mcps/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "mcps", + "profileId": "usuario_final", + "routeId": "mcps.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3bd5236562cb04136fb55d20081eae195981c65fc9c9f44c9e4c8c29528d91ed", + "sourceRecordsHash": "c7e83904604f2c94d15712931f4bd737b59a8dac344e3e37c94c7f9f124e359a", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-5f036419dc3080297d026fdb", + "humanNextAction": "homologar rota administrativa auditoria para mcps/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "mcps", + "profileId": "usuario_final", + "routeId": "mcps.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "8a013fe9f4be06bc2ba6216471df26053e12c4be77e5ca2d96ea58c4bf2490e6", + "sourceRecordsHash": "5f036419dc3080297d026fdbaaeaf8bf6c844d1db0f0faa77527543caac8660f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d0e4c8400a964edd67e5817c", + "humanNextAction": "homologar rota administrativa consulta para mcps/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "mcps", + "profileId": "usuario_final", + "routeId": "mcps.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "349825be0891d9d9722f0a8c979ee5744fbf59171328a62af2b677d6ee1a6bb0", + "sourceRecordsHash": "d0e4c8400a964edd67e5817c125d030e607c18a2138915d563264f2776f3b178", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f7058ba3b7600deb33a6d2f2", + "humanNextAction": "homologar rota administrativa diagnostico para mcps/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "mcps", + "profileId": "usuario_final", + "routeId": "mcps.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "5790ffac87de43ae7dc1efc00475968af647c7e659fa6b774cee57ffe2e013e9", + "sourceRecordsHash": "f7058ba3b7600deb33a6d2f2e45f7f4d4c677f4ff25039b1e69efa1069108a2b", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-cda60200d392b2fb9b8edc16", + "humanNextAction": "homologar rota administrativa explicacao para mcps/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "mcps", + "profileId": "usuario_final", + "routeId": "mcps.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "058e0bf084da7aaf4ac3da9ace1c5a867cf4b2b75d6af95a1aa0333a62c75bb0", + "sourceRecordsHash": "cda60200d392b2fb9b8edc164f4d7e255ba49c90f868d9923612edb23c7852e9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d1397e4817df5543ea22707e", + "humanNextAction": "homologar rota administrativa acao para platform_base/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "administrador_empresa", + "routeId": "platform_base.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1a7ff8451fd674f7a18c60b190acd5dda87588333459d9c095c4ed7380e145bc", + "sourceRecordsHash": "d1397e4817df5543ea22707eea508db1d93d30462e60cfae5048df80a58e5eb1", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-e7f1ba3ff550869e85e155d4", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "administrador_empresa", + "routeId": "platform_base.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "43702a7915cf4c1cd822a5cf556a626d40655d6ea41afb049cfdd0348eb4b1a5", + "sourceRecordsHash": "e7f1ba3ff550869e85e155d41f5b851fac12e9d48c53d608e4e38f47dbb8a352", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f85dac8479e3aa279531b2bd", + "humanNextAction": "homologar rota administrativa consulta para platform_base/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "administrador_empresa", + "routeId": "platform_base.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c9807c75c9a23300d7fbc679914d51b7225b3b6f92d9f4af0527be5fd009cdfa", + "sourceRecordsHash": "f85dac8479e3aa279531b2bd86194a498bdb71eca01520c886b7344951e1426c", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4da4c177a9643e83a9079785", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "administrador_empresa", + "routeId": "platform_base.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "35a7ecf97d0fd5471eb317c25e6bf09c9d5ae49e08f6f4afc115c20b17f8ac64", + "sourceRecordsHash": "4da4c177a9643e83a9079785a4937b8d8666ed235f922f02aa39c74516e69494", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-29528d931a83f0056e86c406", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "administrador_empresa", + "routeId": "platform_base.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0cf72c5dfdf185a18ce0cdda38dc43749f96c982e352c02276e1ee01d3ba5dd6", + "sourceRecordsHash": "29528d931a83f0056e86c406825a53d853e0c66953b33adadb57bb6ff69b152d", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-98fa40d2123bf9c4b5590355", + "humanNextAction": "homologar rota administrativa acao para platform_base/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "atendimento_cliente", + "routeId": "platform_base.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "800b6d42c5f9a616a73038b63a8906b5956181ede94725d7015d492c107b0285", + "sourceRecordsHash": "98fa40d2123bf9c4b5590355906f939e480fdf3c4aae890768368968e2eed885", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3da416f3038c3a50e43db3ca", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "atendimento_cliente", + "routeId": "platform_base.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "bfdf17ae73bd96fb03eea08ec22c8f66a5f260847d4c8b773c52b30c737d3fe7", + "sourceRecordsHash": "3da416f3038c3a50e43db3cae9aaa2b8dda4c1bccec8c3412d0e2d2f495acfed", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-48377a153f7d12bdcc36665d", + "humanNextAction": "homologar rota administrativa consulta para platform_base/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "atendimento_cliente", + "routeId": "platform_base.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1a50bddc04ce1f97f780d63ea1dc19741a22289593003038eab7882b098f14c5", + "sourceRecordsHash": "48377a153f7d12bdcc36665d95e9ac1b974ecdc5663b0bfe272009bc433eba90", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-af0d93011df3e5c96757524d", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "atendimento_cliente", + "routeId": "platform_base.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1ec20af4ed4b527316521bde4fae99a447283f54629ddf0ef7e86f7ae317a07c", + "sourceRecordsHash": "af0d93011df3e5c96757524d6ef700c0cd20773e441be68c9fe5937abd206892", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-04c88fef522e7a71f1ca007b", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "atendimento_cliente", + "routeId": "platform_base.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "35791074a06ca2d7e6833f1aec6bdfde9d8e16985ac1e4486ee774b25298bbb3", + "sourceRecordsHash": "04c88fef522e7a71f1ca007b88f291d334eb4d730d8010613b854c931795116f", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-3a26509e3767c56a6df5c3ac", + "humanNextAction": "homologar rota administrativa acao para platform_base/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "ceo", + "routeId": "platform_base.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "55831a7fce2d6ea671e802bbe5e87da630281b7b18f163274720a65980d15562", + "sourceRecordsHash": "3a26509e3767c56a6df5c3aca196ece31f71af869408859f0ab800b9f635ec3b", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-cca2797590077f8349d24bd5", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "ceo", + "routeId": "platform_base.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d016d1fa4debc4c052d22e88f12f316256a59ba3b19db091dd7dbb8d9b0436a5", + "sourceRecordsHash": "cca2797590077f8349d24bd5985c29ae9a98386c7cdb6f72c356043219d09c67", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c16738d63fad330503d2ab12", + "humanNextAction": "homologar rota administrativa consulta para platform_base/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "ceo", + "routeId": "platform_base.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "93111066866859b26c3efd6a2a61c293ed832c4f11ffbe0ea2b098d82d93759a", + "sourceRecordsHash": "c16738d63fad330503d2ab124f14ce0d81163945fc7eda1b60fe52dfb6a30b20", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0bcf2c11f1255724212fb16d", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "ceo", + "routeId": "platform_base.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "694fd8e98c0362450253b38af70c42ac164a6c1dce75eebeebf0ef2a1cac8e4b", + "sourceRecordsHash": "0bcf2c11f1255724212fb16d569cbb51854f55c7a19061f75008c9d8de516548", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-28ee3572f27c330f2e49afa0", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "ceo", + "routeId": "platform_base.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "adcfb3e46a9d2faf1cfebf53aa434a445921eae106f4e471c17476ba153c6238", + "sourceRecordsHash": "28ee3572f27c330f2e49afa0f641d86fc8fd2af7ee6292bb9139ac5b3606f459", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1542d41b83c5fb01d28535ab", + "humanNextAction": "homologar rota administrativa acao para platform_base/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "cliente_externo", + "routeId": "platform_base.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "182f6072c7b1cb681ea5a541ec29a5faa5f32860f32dffcf16efa4556ee34a29", + "sourceRecordsHash": "1542d41b83c5fb01d28535ab73f5f82e258e1bef69487bdd5bde19cf51e08356", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-5a473c36e08a6c8555cc80cd", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "cliente_externo", + "routeId": "platform_base.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d7ff99e890d447ab8f2f585bd22711f1860293a79a78a453a7130c3f477064f6", + "sourceRecordsHash": "5a473c36e08a6c8555cc80cd177e56e0d1285b16136c48f4b0d31f4655adf404", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7fd0b5bcf0748924edbf11f5", + "humanNextAction": "homologar rota administrativa consulta para platform_base/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "cliente_externo", + "routeId": "platform_base.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "9123c02af00b723e4a3013ad37cbe9630a6af3d7e01abbbe209785308dd5758d", + "sourceRecordsHash": "7fd0b5bcf0748924edbf11f5569c4a30c3bc4339988b371cba9bf4a95f91b997", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-cd79e691cbfefba35e6eaed8", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "cliente_externo", + "routeId": "platform_base.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "9c1017f8b4c09528293e12006e20443ec06706d0b50774c1495a2e98c0809f47", + "sourceRecordsHash": "cd79e691cbfefba35e6eaed80b99c316cae5075575b16196a602ac9d77095e0a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-5b5ec4ae249b07b2114f0b3f", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "cliente_externo", + "routeId": "platform_base.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d40989cfc00bd66348105503592efc28b8e107fe5066d3fe7fa70588ee8bc00c", + "sourceRecordsHash": "5b5ec4ae249b07b2114f0b3fbf2caa29f5fb32b3273f1d6daa5848109f6e6c20", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dcbbb3d1d458d04cee4a5668", + "humanNextAction": "homologar rota administrativa acao para platform_base/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "contador", + "routeId": "platform_base.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a481a6e823dbf2e709b412e6cd0e222554af12d4186b6f8cb4d01c672e2cb227", + "sourceRecordsHash": "dcbbb3d1d458d04cee4a5668684008cf6d5b9a27f309d92770aa92478f274a8b", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3d4d3f6e880ed8b9c19be93a", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "contador", + "routeId": "platform_base.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "3e37c1384c65387a180991a862d39ef84c0bcd19cd2dbc425d18c2d01a9d84d2", + "sourceRecordsHash": "3d4d3f6e880ed8b9c19be93ae4111900fb805fb1a0956601da212ffbe1f92da0", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3d6a1724f1500bc6edb20f3d", + "humanNextAction": "homologar rota administrativa consulta para platform_base/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "contador", + "routeId": "platform_base.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4b0b7d9ccea30a9b3ac3262a52d102c3867a6a4a54020e3318d4e7f54e4f9a3f", + "sourceRecordsHash": "3d6a1724f1500bc6edb20f3d142936848861f8351a8d355c7a8dc1d31b9033e8", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3e06b6c028c575fae54da2e5", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "contador", + "routeId": "platform_base.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ae6d1abc87abe63f54800927a27f178674434f411166de924e9ceefa5619b110", + "sourceRecordsHash": "3e06b6c028c575fae54da2e549e7dc4f29a3f8c6f1f1564c0e94a72f59532d3a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-670e29a7ed61c62814cf2aca", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "contador", + "routeId": "platform_base.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "06117f7b1ebd9735e73f265281f07147a7d7f9eb58b5c0d711402cb4e081223c", + "sourceRecordsHash": "670e29a7ed61c62814cf2aca7caf895ec90c9047bb9e8e94bc3bcd59fe914fd7", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-b665fefe8dc6445658c2d64b", + "humanNextAction": "homologar rota administrativa acao para platform_base/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "financeiro", + "routeId": "platform_base.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "128a7c8978639811c27976c47babddb55003a9a14adfd83c2c83b7e4b01fc4fb", + "sourceRecordsHash": "b665fefe8dc6445658c2d64ba7e3ac47bbb3746ecadf9657d410769b727ec89e", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-7466ad9e0e433c2f63afb9a0", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "financeiro", + "routeId": "platform_base.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5ccb9bca0b4c08e2e5c225c0a51bcc7fa6338343b4d60480664b89a0a2afd7e0", + "sourceRecordsHash": "7466ad9e0e433c2f63afb9a0521a386273a89e22acc8bc9abb7bdb0e27d45ff7", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-31749edfb6f3516eab893c34", + "humanNextAction": "homologar rota administrativa consulta para platform_base/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "financeiro", + "routeId": "platform_base.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a57da1c67812c5d20190d1e20e939fcc11334391292ee0d98702824fb15acfcd", + "sourceRecordsHash": "31749edfb6f3516eab893c344cacb2d67e49c67f38952ab04a83f66f20df2584", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-41c0d274634355757352400a", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "financeiro", + "routeId": "platform_base.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b167c6b1694743255052d1e4251ae99d84bb27d43ae68e7fc36a2365cea59e79", + "sourceRecordsHash": "41c0d274634355757352400ad52baacd3cd1de57b235289f7c0967811538c16a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-10ff2da799ff5c16cfd994ba", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "financeiro", + "routeId": "platform_base.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "dfaa33bd584927e3252685c5c673d2b34b5b338ea5e370d8739ce9b451042e56", + "sourceRecordsHash": "10ff2da799ff5c16cfd994bab8e57a18c851df16a38d4e392d479fce70f20c7b", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-417d43e7fcb7fac830afd008", + "humanNextAction": "homologar rota administrativa acao para platform_base/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "gestor_operacional", + "routeId": "platform_base.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0a8bbc38c07f01f21a2ffee950a91d50a133e8d09e823ce698e008f6f10621cd", + "sourceRecordsHash": "417d43e7fcb7fac830afd00829c062ed6e1b0c34a0f88f08a0fc09e68afa5414", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-97727869fea4537a904058ac", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "gestor_operacional", + "routeId": "platform_base.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "2a478bcd2545ef35ef8577fa3b70d31494611f8c65c0ad53ca6254bcbc5c047f", + "sourceRecordsHash": "97727869fea4537a904058aca019b110b85c9a5cbbd9c52b81f13c448a048726", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9d2d8f823bbc0aee39265efc", + "humanNextAction": "homologar rota administrativa consulta para platform_base/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "gestor_operacional", + "routeId": "platform_base.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3032967ded2f539bdc4702fb99ad48f4a0912a1c07c57bb638edd749eec9f188", + "sourceRecordsHash": "9d2d8f823bbc0aee39265efcdc0c8f6d742ecf3783cede251b3ee184e988a5c2", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c2b03d99ddd1d9cd8bb380d3", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "gestor_operacional", + "routeId": "platform_base.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "54cf2493f9548e7b749319a89bb508ab38a29cc8a8ee1abdcc9ca738dac093cb", + "sourceRecordsHash": "c2b03d99ddd1d9cd8bb380d3ebaf4a7dfcd27b176154ce5e53948bdcee9be622", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-c3ba59d0ba4b9c13dbedf3a3", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "gestor_operacional", + "routeId": "platform_base.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2efda0fb5f9888d2b60367e3e7955d19a749b24dfe122cf5ce5da6a7cd5f351b", + "sourceRecordsHash": "c3ba59d0ba4b9c13dbedf3a3410a616c2ca62e665f1dda0b5656d447b269ab74", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-132bbdd0201390ca2084d82b", + "humanNextAction": "homologar rota administrativa acao para platform_base/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "juridico", + "routeId": "platform_base.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0afe7793c61fbcaff0a59594e13a0f1291756590fc899ff50e531f0c250aa845", + "sourceRecordsHash": "132bbdd0201390ca2084d82b9dde0aef38320fd7454abc758b3c3123998e2d38", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8c2a6150e9be682dda9bb877", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "juridico", + "routeId": "platform_base.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b69a74d30024ae12d8df806056488fbb8edeec8ad32c3e3197e095491d06e784", + "sourceRecordsHash": "8c2a6150e9be682dda9bb8774058062aaf82d96ce826c44f9c4930f7e1c2e97d", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-73a7c837d50dd14f39eb039a", + "humanNextAction": "homologar rota administrativa consulta para platform_base/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "juridico", + "routeId": "platform_base.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "78eff3071ed21b2ed9df16a6d40f3ea26410006d8408d8379adeabb4840dec93", + "sourceRecordsHash": "73a7c837d50dd14f39eb039a52f94584fbad8cc2ae8beda1e8a92aa978e03003", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f38163ace7ba6e275eb6943d", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "juridico", + "routeId": "platform_base.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "29bf04abf29ee0f361c5f312cd461028e3f64be8df0eecdf8e3f8b8029b04ee4", + "sourceRecordsHash": "f38163ace7ba6e275eb6943d1c7c719c6cfadecbebce832973c4a07162dcc7a0", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-73a2e0684d60d242176da6e2", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "juridico", + "routeId": "platform_base.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "65b8848d2ecf5f8cc05f15614b986d9f792d6feb8c95fc996a606e5ee6ed573d", + "sourceRecordsHash": "73a2e0684d60d242176da6e2a47e141858c100a75d018d7685d186b0be082e5d", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-6fc0d1cc9664d132f2f62505", + "humanNextAction": "homologar rota administrativa acao para platform_base/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "planejamento_estrategico", + "routeId": "platform_base.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "644cd8416792217b62450a158ef5337276b9b94c4d80c84c6d5aeb75a7451e3e", + "sourceRecordsHash": "6fc0d1cc9664d132f2f6250545d39544f01d0ae8edc6b2ffc6068ca332a6cc74", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9e2e61aca36885973fca3b27", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "planejamento_estrategico", + "routeId": "platform_base.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "99eea319bb8174762626a58d5e126036c9c43dc7f9f9400a2176cb59247c0adb", + "sourceRecordsHash": "9e2e61aca36885973fca3b2765d5b2a86a64fc68b3a2863dacde05ec2f5498ea", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-de5cce41812b1674bf6113bf", + "humanNextAction": "homologar rota administrativa consulta para platform_base/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "planejamento_estrategico", + "routeId": "platform_base.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "6a8e71cc5ca02cb58596bc8f004f07d8516fdd361c315298cc7f69681b8d39b2", + "sourceRecordsHash": "de5cce41812b1674bf6113bf4c3c1b572eeb73e4d217cb6308e3c2c5c584e5c1", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-91ea08d8d52bd1c9b4bac5fb", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "planejamento_estrategico", + "routeId": "platform_base.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "9235c6f77492f14961579d7f9fcfa13209d0c2e45ea5ecdda84f80bfdb5c15e8", + "sourceRecordsHash": "91ea08d8d52bd1c9b4bac5fbfa2189b40596c9926ac38b09b58b75bc89c51c66", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-9c7d29f9efeed9b704465295", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "planejamento_estrategico", + "routeId": "platform_base.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6c2bb898cfe8e807d50fa9a907df7b81549c19c164c02c3fbdf90fd258d6f071", + "sourceRecordsHash": "9c7d29f9efeed9b7044652950aefe22ea4537605e5c6402a86b96ad6b63bd805", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-364c95a5ea33639ac5ab1e15", + "humanNextAction": "homologar rota administrativa acao para platform_base/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "secretaria", + "routeId": "platform_base.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "24e77b60c4491c24577ccc2ad4afce0c161db7efeb3070abc793cb96677b0be4", + "sourceRecordsHash": "364c95a5ea33639ac5ab1e159cc06de2574bd39e4171f856cd1963df133bf3be", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4a2b72b6abff354417312d91", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "secretaria", + "routeId": "platform_base.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "551ddc331cef591f312a721b7f5f218c2579c447106d717370859180100a6757", + "sourceRecordsHash": "4a2b72b6abff354417312d91ffdb68f4589c4cedbb6d88406dc38cc4f2ae980c", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d47022ffd52edc4e808d2bbb", + "humanNextAction": "homologar rota administrativa consulta para platform_base/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "secretaria", + "routeId": "platform_base.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "ad244b0b0d239cc9d517d1fc40701d96785e6c92754198149dc51ba44d9ed068", + "sourceRecordsHash": "d47022ffd52edc4e808d2bbb311835982e6a60af7eb6e38e08259d03cc75e9cf", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d210758a0bb60cc8cc1ed4cc", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "secretaria", + "routeId": "platform_base.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ceaf300794dbc2d95da8a50aa49363f692c5aa0f72906d61926724bb8c95efb3", + "sourceRecordsHash": "d210758a0bb60cc8cc1ed4cc400ca0c0e8c56e13d3696a5fbdd1a3da6c98a2cd", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b83ed6d75faa838b34a584d0", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "secretaria", + "routeId": "platform_base.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a652686b59d0a84b11a46663432bf5e6381af356d5aae5262b1768844db0c3f3", + "sourceRecordsHash": "b83ed6d75faa838b34a584d05394afbc2940bbde4410e0c2da094a70604b4538", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-fa573d8d6eb6e6305a1c5c02", + "humanNextAction": "homologar rota administrativa acao para platform_base/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "suporte", + "routeId": "platform_base.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8417da06255521728819bbb9d4e7e5d5c16c49f4c3b7b8aaa987ef61a42fec86", + "sourceRecordsHash": "fa573d8d6eb6e6305a1c5c02ac89e2d656f7879b3452545ddaa2b656a58895a0", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-47a359703c3832f57e72ef11", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "suporte", + "routeId": "platform_base.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "10c6886b343af32bfc6e01636852b064e1ea988cdd3a1246289ce8a798738de2", + "sourceRecordsHash": "47a359703c3832f57e72ef117cb19bd17f4276a1287eabb23c9ebda659c9da17", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2ac3a8f12230c256dfab68ac", + "humanNextAction": "homologar rota administrativa consulta para platform_base/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "suporte", + "routeId": "platform_base.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "03d84fdcfa2fbde36fcbaf333402bab7b704cb84b07fb0ddc5235cc1142f082d", + "sourceRecordsHash": "2ac3a8f12230c256dfab68acea33cdf9c52bcb2cca3b6e442f4f4df4fefe0dc8", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-e341afdf6a633711cac32641", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "suporte", + "routeId": "platform_base.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "dd44cb98c239206d1d4858a239bc2da26131b91951884e2ace8bf30aad547d45", + "sourceRecordsHash": "e341afdf6a633711cac326415c6db8b68070d5e4a67ad65c1ad1f4649f34e52b", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-9a0d45054caab3ea3b375378", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "suporte", + "routeId": "platform_base.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "91ecc8b6751530441266aa76a32f5e9910aba9d9654afb98fb0af5243ca34c2f", + "sourceRecordsHash": "9a0d45054caab3ea3b3753781dba38fd513f35649e9ff238b74472b6f0c8aa38", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-3946eae3030540f5816a167d", + "humanNextAction": "homologar rota administrativa acao para platform_base/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "tecnico", + "routeId": "platform_base.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "459cd947d57de5978f8ebb2213c469b914e6054dfb3da7eb324f0bb3b525d893", + "sourceRecordsHash": "3946eae3030540f5816a167d6bccbc77fb85b6a25f0f23ad66bc62ba0895e2ec", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-04a9dcbdcf8424191745b6bb", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "tecnico", + "routeId": "platform_base.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "dd82c878f36fe2ecdb7179f182f23e09e0764cef4087cd36bf3e30950678e4c5", + "sourceRecordsHash": "04a9dcbdcf8424191745b6bb71f49f8e8a44ad52e6c445e3a001694afe415d07", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d644e71596667f455b9a18d7", + "humanNextAction": "homologar rota administrativa consulta para platform_base/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "tecnico", + "routeId": "platform_base.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "ec5066f1d6bd438fb355595fd4fac34aa931f22bb05b3a668923333c8f0e746c", + "sourceRecordsHash": "d644e71596667f455b9a18d74320ef0660dce7dcbe907a5110824785d56dbbb0", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-cc6f3afc2e5ab81f9dc1ab10", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "tecnico", + "routeId": "platform_base.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "aa905aa16b9283af692bd899309dc941d8f570f9e867e4a1f0ac26a4f72332c7", + "sourceRecordsHash": "cc6f3afc2e5ab81f9dc1ab10b0d7635a98036ffdb23ddd635aacb4444ef3bd0a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-13687fad9ed22fd2ecf77f9f", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "tecnico", + "routeId": "platform_base.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "826d5d154aa55ee7555a17bbaa9fc2d891281a016a40d27f048483e9cebcb259", + "sourceRecordsHash": "13687fad9ed22fd2ecf77f9fb68ce2a6bef963b541a5eee50c6d57d59ba79838", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-620dd3db23cc3d828b699a02", + "humanNextAction": "homologar rota administrativa acao para platform_base/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "platform_base", + "profileId": "usuario_final", + "routeId": "platform_base.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ec8ae11c7098dcb2e69ea1fef86f8858c0df50f99d7f1d737af49ca6e5675b20", + "sourceRecordsHash": "620dd3db23cc3d828b699a020bba6f4e0ad0b2b9f7dcdaddd8c39d0af056863f", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d6bd394eb2b502f32d64803a", + "humanNextAction": "homologar rota administrativa auditoria para platform_base/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "platform_base", + "profileId": "usuario_final", + "routeId": "platform_base.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "e9ac2f4491e4f0f8f329cf33af2472ada996c3efdba856bd71fdfab62ed57dbd", + "sourceRecordsHash": "d6bd394eb2b502f32d64803aa244ebe7082d253a3081730f26fddfad182aac7d", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-88841d254094f0f591c22de7", + "humanNextAction": "homologar rota administrativa consulta para platform_base/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "platform_base", + "profileId": "usuario_final", + "routeId": "platform_base.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "64158b44630375378ce7a050b703fee88c3b395d72a61bd6ce633b1bd4c61813", + "sourceRecordsHash": "88841d254094f0f591c22de756727376ece1bf13cab4f1bd21c4fa0fcfa6c470", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f54ed61e4b7aabea159c6c84", + "humanNextAction": "homologar rota administrativa diagnostico para platform_base/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "platform_base", + "profileId": "usuario_final", + "routeId": "platform_base.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "0362b8deae561d2c3488349313ed25a0fc9f3d32118ce9cb91c09744d3a12d5c", + "sourceRecordsHash": "f54ed61e4b7aabea159c6c84b41db5601ecbe607d380eff9852d35e292901794", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-58927bcd883440c2cdd325a1", + "humanNextAction": "homologar rota administrativa explicacao para platform_base/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "platform_base", + "profileId": "usuario_final", + "routeId": "platform_base.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9f9e957ef6b46c895c1d14afa40b8965c70e9c04702af753a94c76e5e5627ed9", + "sourceRecordsHash": "58927bcd883440c2cdd325a1acf024a603305b0199246be6d066615d59177f1d", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-38ad0b001299cdd0a3895e24", + "humanNextAction": "homologar rota administrativa acao para public/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "administrador_empresa", + "routeId": "public.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "70c09fe92f6735dc05e2a78311afba28dd6b017e994babd4fc3e23bd518f1b87", + "sourceRecordsHash": "38ad0b001299cdd0a3895e2479e43408918322317d4d0b7c916522ec94e2b6af", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fc6a9c96e0a1f828ada4d395", + "humanNextAction": "homologar rota administrativa auditoria para public/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "administrador_empresa", + "routeId": "public.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4b2653068e23b6a29e73d1639495088efbc508a834b0bc955373c015ef4641ed", + "sourceRecordsHash": "fc6a9c96e0a1f828ada4d395b300a470fed5f2fbca56dae064f52a627f6d3855", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-0897f64598cf9c942f25767e", + "humanNextAction": "homologar rota administrativa consulta para public/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "administrador_empresa", + "routeId": "public.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4321dc720718a64f7f2cfe35b7342c745248a0b7e206223aa3ff84eead9471e5", + "sourceRecordsHash": "0897f64598cf9c942f25767ef368ebf3b1ca5758bf8e8e2c9d6c4c56a37a9da3", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f7f62bbd22252a0fd73b4b95", + "humanNextAction": "homologar rota administrativa diagnostico para public/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "administrador_empresa", + "routeId": "public.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "864bed0f0aac064a2407a3d76f675f511ed1f65458d9e543f62d80d07a02a5dd", + "sourceRecordsHash": "f7f62bbd22252a0fd73b4b95928406aa7d6e8a58a694cf3c91457c9bfdc32326", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4eaedbb70cc90cb7629105fe", + "humanNextAction": "homologar rota administrativa explicacao para public/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "administrador_empresa", + "routeId": "public.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f794938b09429301541927a6b9da2134156088389165b23c7e241514553c0eab", + "sourceRecordsHash": "4eaedbb70cc90cb7629105fe02cf3a01defa0110bde57f193657f476dd41e812", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-230f99afbd0dcc741a527b53", + "humanNextAction": "homologar rota administrativa acao para public/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "atendimento_cliente", + "routeId": "public.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3dff693510f47612768ded29a57e05a85ed9b967a1a27388c142761dcf943336", + "sourceRecordsHash": "230f99afbd0dcc741a527b53d32cd6909458204cfa8fd8d81a81dfe272ede02d", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fc1ea5c77be2b2a292986c8b", + "humanNextAction": "homologar rota administrativa auditoria para public/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "atendimento_cliente", + "routeId": "public.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "75408efa7cbccb7426aeae963e136156bc2af79348c0a713b43dc68f42d8d36f", + "sourceRecordsHash": "fc1ea5c77be2b2a292986c8be1c42ad187a246be739effcb6a88452967628941", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-94f70fdf431a7e5b9355f8bc", + "humanNextAction": "homologar rota administrativa consulta para public/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "atendimento_cliente", + "routeId": "public.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "5002b519f466eae7a38daa109d715c9f8b379662138dc1abef545f86279a1c1c", + "sourceRecordsHash": "94f70fdf431a7e5b9355f8bc5bf5ff386237fd9a8d4010f479c281544ee12264", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-56f356b2010d816837f12f99", + "humanNextAction": "homologar rota administrativa diagnostico para public/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "atendimento_cliente", + "routeId": "public.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "980b21a4c4239e56ada15522a473272d62c7bd68a53c8c1c9b149e506cf3ec72", + "sourceRecordsHash": "56f356b2010d816837f12f999fffbe0917206e0ab2a17586d99a98b41b64bb73", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-61fd0a2ca23c7f41d79ae51d", + "humanNextAction": "homologar rota administrativa explicacao para public/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "atendimento_cliente", + "routeId": "public.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a5ace276734dc5f4cc988caa3431791e68cff0c0da7896887c188897cbe5b4df", + "sourceRecordsHash": "61fd0a2ca23c7f41d79ae51d344643da925b97f5d1fcb239e4635fc53b12307a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9566bdb3a2222cb96e26f9ee", + "humanNextAction": "homologar rota administrativa acao para public/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "ceo", + "routeId": "public.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "63404a723d53ef3c96af4ca6f634c6059bac085fb732b390118fba99a4f29a8d", + "sourceRecordsHash": "9566bdb3a2222cb96e26f9ee3770832a42998697277bd258089bc1eedab9e746", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9d092c45bf3df2ca03bd8704", + "humanNextAction": "homologar rota administrativa auditoria para public/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "ceo", + "routeId": "public.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "da7a3f45dbdc72678c8eeac829236ccc6b40d9ba13e1bc6044441406c91bb1f9", + "sourceRecordsHash": "9d092c45bf3df2ca03bd8704fc081c7460f5bb6bfe06a0b7ab0849a5401c40da", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-87730be971111ba6befea3f6", + "humanNextAction": "homologar rota administrativa consulta para public/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "ceo", + "routeId": "public.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "413fd764c95c72ef7e38b60179e1d04011c8324a0783c83ac0a04565ae5b6030", + "sourceRecordsHash": "87730be971111ba6befea3f6869fb1278feb87dde1070b9658590f07c54dbb05", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4469eecaa81f0524f2647cc6", + "humanNextAction": "homologar rota administrativa diagnostico para public/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "ceo", + "routeId": "public.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "fbda18b1bf6066cb134f85228a71b25a4b4f308b84956c2ba6884e7e11bbf7a2", + "sourceRecordsHash": "4469eecaa81f0524f2647cc6f35c04a9f648bde8cf9fb80b6a06aeafe1a1028f", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8ea3d1659b6908a507fdf3eb", + "humanNextAction": "homologar rota administrativa explicacao para public/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "ceo", + "routeId": "public.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "64d8e3fa236e91a6f53c052ae9543e7efdaf1387506a84c7165ae79f4372e84b", + "sourceRecordsHash": "8ea3d1659b6908a507fdf3eb9856f82e1865f199e5f5c9d1200759e1628810a1", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-bf11e5b6a4498f72394ae63b", + "humanNextAction": "homologar rota administrativa acao para public/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "cliente_externo", + "routeId": "public.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d837307a9109c0d2e766be326b58d77cbd8fe4c624686d4a85100e5f3eed8ac", + "sourceRecordsHash": "bf11e5b6a4498f72394ae63b5549a46406663a403f94bb302fe000aeefa959e5", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-816fd1f171186e7c92cdd0d0", + "humanNextAction": "homologar rota administrativa auditoria para public/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "cliente_externo", + "routeId": "public.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c0f0d51a3143390b51099c199f3548c3a38d73ebff6b0a5a997c89b928a5af75", + "sourceRecordsHash": "816fd1f171186e7c92cdd0d0f266b65285ca562522bf68b675c6978b53c18399", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-6ed5a774705440321f834fb8", + "humanNextAction": "homologar rota administrativa consulta para public/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "cliente_externo", + "routeId": "public.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "366e077c2f29643b2ee62e784b0f9fe93b1f1144a6356957b9f687581c792702", + "sourceRecordsHash": "6ed5a774705440321f834fb805516f58a17be5f116ce0f0e828deff1abd50554", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-cbae58fd5eb64b1cf8a4514a", + "humanNextAction": "homologar rota administrativa diagnostico para public/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "cliente_externo", + "routeId": "public.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "8ef31b7b435e436fc6563519089a1b584679a9c09f440251685057061fd67b3d", + "sourceRecordsHash": "cbae58fd5eb64b1cf8a4514a8421b707d7c483fbed74470ad27b645d21fb4d20", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-66fd904c37f80293f31793d5", + "humanNextAction": "homologar rota administrativa explicacao para public/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "cliente_externo", + "routeId": "public.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "275ecdba52744718ac52244d0420253901c5a7b9e13d16af4c1e7dbf653ae90e", + "sourceRecordsHash": "66fd904c37f80293f31793d5e8e3f2f59172052df4bc013f057c69b124d357af", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1c715dbb06ac377a9a814c0a", + "humanNextAction": "homologar rota administrativa acao para public/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "contador", + "routeId": "public.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "888a49d9d9d318b935b90848c1c6b9b9b8951e067a2de4adc6e9e21926d40ee5", + "sourceRecordsHash": "1c715dbb06ac377a9a814c0a1d6a5ac1ed8f6d054fd592785e0f3af11a882ea8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-71e8e922af011ca661844b3a", + "humanNextAction": "homologar rota administrativa auditoria para public/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "contador", + "routeId": "public.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "dfae29f5d13a7f3062b232a9f5d29263c2e6e4c7697c9004fd22f2d54efaa810", + "sourceRecordsHash": "71e8e922af011ca661844b3a6aeb7e2fec64fcdb20f7abfc00d5b3eee9b40e1b", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4e10ce9edda7cbc9cdaf9095", + "humanNextAction": "homologar rota administrativa consulta para public/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "contador", + "routeId": "public.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4493f488875357e296cfd0791b149a0dc6f844ba0b60eb5825226d6a8d1594e1", + "sourceRecordsHash": "4e10ce9edda7cbc9cdaf9095a0efa8d3541f4ff529bc917c892794bb3df226e3", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c27e84bd7e73a64d358bf38a", + "humanNextAction": "homologar rota administrativa diagnostico para public/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "contador", + "routeId": "public.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "63f7ebf3a5c269af7ea871c9fb9d07971e27a4a7b0ee19850120374efbce2660", + "sourceRecordsHash": "c27e84bd7e73a64d358bf38af357c6923dd743f0263f23a9813507d306f5ddae", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-c13249624a3ccb7341b78846", + "humanNextAction": "homologar rota administrativa explicacao para public/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "contador", + "routeId": "public.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "65b9d7864dd48fb7e56327a14e6168fbfd1ff64d08398a7ee78ac199fa189f91", + "sourceRecordsHash": "c13249624a3ccb7341b78846e9b2af46609b5d0509b03b2e1412da0c802b8e86", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-fca6ecaa1fcfa137261c19eb", + "humanNextAction": "homologar rota administrativa acao para public/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "financeiro", + "routeId": "public.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "53230a367d2f427622f89499b43463ec6f7b41f4a80eb30345f17fc3515248d2", + "sourceRecordsHash": "fca6ecaa1fcfa137261c19ebc655105bc8be8bc39efcd64c03284421ff84f0d8", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-fa67f95f46c0748ac9e6fd8e", + "humanNextAction": "homologar rota administrativa auditoria para public/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "financeiro", + "routeId": "public.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "360979f07d0911452cdd19d6be90de32f479d9f93af1102ee945da7218a5c5ed", + "sourceRecordsHash": "fa67f95f46c0748ac9e6fd8e863b6f0995da5f189365b356a7975bb821603ecd", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7cb658e0061fd8141bbd171e", + "humanNextAction": "homologar rota administrativa consulta para public/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "financeiro", + "routeId": "public.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "381a169a6c618ed5d442ad81d7efaa2ea114d37e19f89c0a6bc4bebd95a186df", + "sourceRecordsHash": "7cb658e0061fd8141bbd171e37242edfd51588932160c00197134f9e5bab1353", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4ba2121bb62277671373041b", + "humanNextAction": "homologar rota administrativa diagnostico para public/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "financeiro", + "routeId": "public.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1de163d818b4f5c57abf6ba8bb587f29c270f2d0091831517e17aaf6a1a2d896", + "sourceRecordsHash": "4ba2121bb62277671373041bd516ba1f5ba178962aedbba82d6afdc4c854c161", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-730fbf5673c1bdc6970ec66c", + "humanNextAction": "homologar rota administrativa explicacao para public/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "financeiro", + "routeId": "public.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8096ed49ec1396beb78d95dafb5647e657e8e8a80f54b5d3dc2373fb7fc62917", + "sourceRecordsHash": "730fbf5673c1bdc6970ec66c117dd75cae525f0de005bbf8a0c5a08f308a91b9", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1c6e54a0e1b5cfd94f4fed42", + "humanNextAction": "homologar rota administrativa acao para public/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "gestor_operacional", + "routeId": "public.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "fff76e33f61cb621103246da29fa7a104ae6c1fe0718c660232053f614d65e7d", + "sourceRecordsHash": "1c6e54a0e1b5cfd94f4fed4218d38fef4a08c1092c91ed2dc98d7caa7eccc476", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2a110e5dfb732b6b87853d40", + "humanNextAction": "homologar rota administrativa auditoria para public/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "gestor_operacional", + "routeId": "public.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4986566cb7ad8250a369e2405f4694ab6c4d682b50cf2c3c17f85d2b57fe099b", + "sourceRecordsHash": "2a110e5dfb732b6b87853d40065d5228498b68524642ddac69c3661b9dc58f20", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ff692492064c6ae37d45b861", + "humanNextAction": "homologar rota administrativa consulta para public/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "gestor_operacional", + "routeId": "public.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e53ae1853bdd13d4273c70a1ed0906bec9ee89701eac01b8473e0b9638c7f970", + "sourceRecordsHash": "ff692492064c6ae37d45b8610351e201d4479bf693477cfba78ea2e21d768d4b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ba85aa8ac5cdeff2da2ca4b6", + "humanNextAction": "homologar rota administrativa diagnostico para public/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "gestor_operacional", + "routeId": "public.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "2d30ae45074d770fd4b3c2249f6fd62254be68fa5a304d6790bbc491e6f9df51", + "sourceRecordsHash": "ba85aa8ac5cdeff2da2ca4b65a0039d146d9321d1f98f5227d772afe65463522", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-fe2976e7ffda9b416ff9004a", + "humanNextAction": "homologar rota administrativa explicacao para public/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "gestor_operacional", + "routeId": "public.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "26e1d3fbaeb2b17032e428a7e50fef0dda3e308ff5e9566feffa68c1176b1d1a", + "sourceRecordsHash": "fe2976e7ffda9b416ff9004a973a9b7e139dd79484180d3b45ff39857663bf30", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a9572c37dae928dc04a5b5e2", + "humanNextAction": "homologar rota administrativa acao para public/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "juridico", + "routeId": "public.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "49ba710109b2536118e00a2ae2c948629321818c8107b10be4b16fb9c1179fc4", + "sourceRecordsHash": "a9572c37dae928dc04a5b5e296a2a8a4471cbd48650b6b045a03a3d02e98d5fb", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-13f107a84bde2a940751a025", + "humanNextAction": "homologar rota administrativa auditoria para public/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "juridico", + "routeId": "public.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "078762a0afa92fbd37b927ccb8e4aef378b2f40c38ce80e6787f497feb5d182d", + "sourceRecordsHash": "13f107a84bde2a940751a025dd6bf0c61920690731e9548fcd1c248144ca9179", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-3ea300317e9980ac854f6832", + "humanNextAction": "homologar rota administrativa consulta para public/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "juridico", + "routeId": "public.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "c7e5c74c4311ab7d9a2ebf436431ec5c2bd2ff83b1de0af1f59d18e44f9041ad", + "sourceRecordsHash": "3ea300317e9980ac854f6832f10a814bd272f492381f07e56a35b04be76fd8c1", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0168e9f0b9d118de035f435c", + "humanNextAction": "homologar rota administrativa diagnostico para public/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "juridico", + "routeId": "public.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3d3a4e569b425f94adc2777254f59f75852115614d388ab85ebdaa52ecd4b302", + "sourceRecordsHash": "0168e9f0b9d118de035f435c97933e2ea0d127fc4aceb77254b7b349d1dc1ebd", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-eebbd28ffb8a987d430b89cf", + "humanNextAction": "homologar rota administrativa explicacao para public/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "juridico", + "routeId": "public.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6ec33673ce7069d8191b735a1ba6edcc43ea8be92c6ecb99abeeaf392a98effb", + "sourceRecordsHash": "eebbd28ffb8a987d430b89cf4eaa6b619cec3bf6236fd7e5d3188147e7c77ebf", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d04b833573d656a71ec26e58", + "humanNextAction": "homologar rota administrativa acao para public/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "planejamento_estrategico", + "routeId": "public.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "da95dddec1ab03de25da42a8bfbfb2b46a47d49e2260b70ca678d4450a4f2185", + "sourceRecordsHash": "d04b833573d656a71ec26e58ccd72e93b57c2e9ebfccf2eb4063049f7c598506", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-45c51ed8fdd0477b74c2a0f6", + "humanNextAction": "homologar rota administrativa auditoria para public/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "planejamento_estrategico", + "routeId": "public.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "08e7c080c0bae7846e823c926cacd52a6522380de930791dad54cadc8acd6a99", + "sourceRecordsHash": "45c51ed8fdd0477b74c2a0f69eec16539855b3a70745125341007ffebd5deb0f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b9cbe387c4bbbcbfe2482e29", + "humanNextAction": "homologar rota administrativa consulta para public/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "planejamento_estrategico", + "routeId": "public.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "68cd2fad8eb4665001393700f6cc0d385576abd0b09066ffa483d694a5d2746f", + "sourceRecordsHash": "b9cbe387c4bbbcbfe2482e293d0aee6abe3ff328dbf54ca93eff368c60b958ec", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-47489c60d1e69f88350c6b79", + "humanNextAction": "homologar rota administrativa diagnostico para public/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "planejamento_estrategico", + "routeId": "public.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "1f3bfe16778bbc951c8ff57107b39cff497f88d557ae4ae0ba26ae249af6127d", + "sourceRecordsHash": "47489c60d1e69f88350c6b794093beac34c44d2e882db5e60e437e2fd768ffbb", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-4463d2fa972a1ddb5d80fd79", + "humanNextAction": "homologar rota administrativa explicacao para public/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "planejamento_estrategico", + "routeId": "public.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9a9808491a9b7426788a93c37084fe03772471df82083f057d75c8152f908058", + "sourceRecordsHash": "4463d2fa972a1ddb5d80fd795dcf8afd0915cafb3ccc69bbfdba8090c4e24ffd", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d535086775a5109b3ab44c6b", + "humanNextAction": "homologar rota administrativa acao para public/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "secretaria", + "routeId": "public.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d0dcbbc16ca469178d06c3bd20e64d6ee456d79264105ac011f45ef05468cbd6", + "sourceRecordsHash": "d535086775a5109b3ab44c6b1dfe804855b139e1bf0d655fe3b5e735f0572e39", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-25246b31471c1e71dbd9e8a7", + "humanNextAction": "homologar rota administrativa auditoria para public/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "secretaria", + "routeId": "public.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "010b02542b90f592098be5d818a43b2020e5a5bb7cdd1df36f6210cddc3fb526", + "sourceRecordsHash": "25246b31471c1e71dbd9e8a73dbbbd80c9e15cebd350d6dc5b498e10bac83a2c", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-af12a24a4d0ad6a86a2e5460", + "humanNextAction": "homologar rota administrativa consulta para public/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "secretaria", + "routeId": "public.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "235d7f1af458289569a0b4eb2d4ef563e7836a0fa9e08d2d979791637dfb3481", + "sourceRecordsHash": "af12a24a4d0ad6a86a2e5460e828c9121860a8a3f4f584367e4a46309c76e140", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4c8d69ed7ffff7e179858090", + "humanNextAction": "homologar rota administrativa diagnostico para public/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "secretaria", + "routeId": "public.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e7fdb0ab5a2489785eb0fa62a2521d026435e971afd13c46e7714ed590d94004", + "sourceRecordsHash": "4c8d69ed7ffff7e1798580905f7a5ca92da50ecf3e2e32cce848d6733e99bcb8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a1c44badc8968abcd78bf340", + "humanNextAction": "homologar rota administrativa explicacao para public/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "secretaria", + "routeId": "public.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "9bc32a484a045703848ba0dd613ce47c0f17a9f6ee8f340360f9bd393ddc852f", + "sourceRecordsHash": "a1c44badc8968abcd78bf3406eda99d29fcc5d5c3f8cc68e03fa1af3d2e6fd30", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-1b7ac7edfc0c36a89ce9f419", + "humanNextAction": "homologar rota administrativa acao para public/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "suporte", + "routeId": "public.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c70412660e7f4927468a561f2ec42e8f4d5460aecc20464ea1923875c7fed756", + "sourceRecordsHash": "1b7ac7edfc0c36a89ce9f4193772d21dde5b4aa85586cd6b9f45e7b4f9916142", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-2d4daccd7553b55a9d5fc4c8", + "humanNextAction": "homologar rota administrativa auditoria para public/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "suporte", + "routeId": "public.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "619538438123090f0eff2d8d5c820138dab21ce2dc402fa4f4cb552b13efb72e", + "sourceRecordsHash": "2d4daccd7553b55a9d5fc4c899f86e18e48fe59cfdf5af1d6dd4f7c563690e42", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-626c9e82bc4bc38c5d7ec216", + "humanNextAction": "homologar rota administrativa consulta para public/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "suporte", + "routeId": "public.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "5901eb525ddff266c105caebf274574f14b8d8159b416697ee4257d66fb24c64", + "sourceRecordsHash": "626c9e82bc4bc38c5d7ec216e9a65039343fab5995b70ea7378c562a801875bf", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-4d68e540040751dfeb000296", + "humanNextAction": "homologar rota administrativa diagnostico para public/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "suporte", + "routeId": "public.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f72f4cb37b0d5ff5cd16ecf1bb03ab1ca94e99639cb45249b398918733bdbb64", + "sourceRecordsHash": "4d68e540040751dfeb00029646d8a345350f3cf82da394fc409b91b309794782", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a97b982b55b2155ae7628371", + "humanNextAction": "homologar rota administrativa explicacao para public/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "suporte", + "routeId": "public.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "573a3facc0653b18c02c51b157cbe41f73d502e72a479410872a4248fad17b58", + "sourceRecordsHash": "a97b982b55b2155ae7628371a5f5c879d5d64aa54c28ee1e6aecc649edcc52c2", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0b155e6c901bba3f772d55a8", + "humanNextAction": "homologar rota administrativa acao para public/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "tecnico", + "routeId": "public.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c2f06c32a949282fb792e3dbe16407d674344f742bbceef2423475b2fea86c60", + "sourceRecordsHash": "0b155e6c901bba3f772d55a863ab62ee1c016866a17f98262ed4ce10c7174509", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-73725264061aeed93ccbd02e", + "humanNextAction": "homologar rota administrativa auditoria para public/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "tecnico", + "routeId": "public.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "c2e1cd8f0b62bb1240c462bcaef0f927038e9859ecf39d936ce31ccf7a5ae4cd", + "sourceRecordsHash": "73725264061aeed93ccbd02e6b0056fc7296799f6b13573b950865b4d99ae776", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-6bd37868fc9a15837a8d75e5", + "humanNextAction": "homologar rota administrativa consulta para public/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "tecnico", + "routeId": "public.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "444f30c3060dafc720e17edbf2292475f735ed188fbc0f4e58cd7da266ba5871", + "sourceRecordsHash": "6bd37868fc9a15837a8d75e5eb5558d6fbde8bb721e57609b8056aad5b75899e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-131ddbb18706f5acb8725584", + "humanNextAction": "homologar rota administrativa diagnostico para public/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "tecnico", + "routeId": "public.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "94f7e575f7bbe66ba0fcc278c2abc4b40206d0bdfb581a51ddf814605425fe25", + "sourceRecordsHash": "131ddbb18706f5acb87255848caccfe00d2c6e6b64b982259a1c3615b2a7649c", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6429f33f2d5734026864c560", + "humanNextAction": "homologar rota administrativa explicacao para public/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "tecnico", + "routeId": "public.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d49f09e28e0563512c256e791de46e3a426f29e7add1e9bac357cd9503eda4ae", + "sourceRecordsHash": "6429f33f2d5734026864c560ba291fe30ec63750e21a0b65870fc832fa2ee93b", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-536b13d24535ada15101eb35", + "humanNextAction": "homologar rota administrativa acao para public/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "public", + "profileId": "usuario_final", + "routeId": "public.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "36c83cf866bca1c10cbf35fe8284b4dc7e6fe21e9e774f1051cec821d0322492", + "sourceRecordsHash": "536b13d24535ada15101eb352117b6c5983227d1a1072d726d58d8d1ad0e2b3c", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8967a86e3a70ccc17223d7d4", + "humanNextAction": "homologar rota administrativa auditoria para public/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "public", + "profileId": "usuario_final", + "routeId": "public.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "461dd49af3b5ae7a5f4cc7fcf3a5d0517c2c182f7fb1ffa191bcf884c8e0de77", + "sourceRecordsHash": "8967a86e3a70ccc17223d7d4bd6a9da219ecad0219c8b6cdb82588c2430372b6", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7138eb3da2a65867274c4a8d", + "humanNextAction": "homologar rota administrativa consulta para public/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "public", + "profileId": "usuario_final", + "routeId": "public.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "685d986f51f1028172a18ac1457fb7dca8ba05d3ca215bce660b2c1f2ddbfe94", + "sourceRecordsHash": "7138eb3da2a65867274c4a8da52fb1806e165d84064122dad7af9e9cf71a1b6c", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-601a5768cde734540f6d3cb4", + "humanNextAction": "homologar rota administrativa diagnostico para public/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "public", + "profileId": "usuario_final", + "routeId": "public.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "aa3a01b3de6c6106d2b8d7158e120071183b8116a51838c72cda210a263d1e0c", + "sourceRecordsHash": "601a5768cde734540f6d3cb4452f40fce85908b215410165c01ebb01420c8324", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-23ca64922a9da8632be0ff21", + "humanNextAction": "homologar rota administrativa explicacao para public/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "public", + "profileId": "usuario_final", + "routeId": "public.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "da74980759f61f21861d1659b0f5de86faf452972121ea0aa6e02d6627df4adc", + "sourceRecordsHash": "23ca64922a9da8632be0ff2191e8d92e8a6f6d2286902cd45f8782c355200842", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-4e0cfc003e1cabf6251d0030", + "humanNextAction": "homologar rota administrativa acao para stj/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "administrador_empresa", + "routeId": "stj.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f942b3479d2ea9868a787649cb55fc4f9c1a4be9d64e275819956be35e6dcdf2", + "sourceRecordsHash": "4e0cfc003e1cabf6251d0030e092813043c107b403855132a0f61aadd37db3de", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-77b01b5d2e0edaed11aef5ff", + "humanNextAction": "homologar rota administrativa auditoria para stj/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "administrador_empresa", + "routeId": "stj.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "dd3de43418934c8d40eca49a55cc1a3dedc8ef24765e60e055aeabfbcc56f02d", + "sourceRecordsHash": "77b01b5d2e0edaed11aef5ff3ce9d53a742ae91d79f9f09f9d4ddd711dbe6d63", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-288d2d7101e9457a3f7bf0ec", + "humanNextAction": "homologar rota administrativa consulta para stj/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "administrador_empresa", + "routeId": "stj.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4f9e090ebeb9e0a29967552c759a5c2b835618a8c2a8cbea2cf160adc7ceb526", + "sourceRecordsHash": "288d2d7101e9457a3f7bf0ec7f69d522020f5eb9b5115bee4a23845f802c8f9b", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a1af6896fc2e71f91ff4b8a3", + "humanNextAction": "homologar rota administrativa diagnostico para stj/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "administrador_empresa", + "routeId": "stj.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "b36a0a11d9d438e2600706d3859bec74216ec8ae37c6dd974c265c25ae1418ff", + "sourceRecordsHash": "a1af6896fc2e71f91ff4b8a3f4479d93cd8167f30e8c29fe2c8f271341b240d5", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6b85cfe4d922b86f042a9ffe", + "humanNextAction": "homologar rota administrativa explicacao para stj/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "administrador_empresa", + "routeId": "stj.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d6aa11cd4ed0e5c3823525bc03bc4dc683d9904ec21b4a603206b0e20ecfce5c", + "sourceRecordsHash": "6b85cfe4d922b86f042a9ffe075f87b80e597b35d4dbc89dab196016a122e9c9", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-a18b1c6425ce27255b32fce5", + "humanNextAction": "homologar rota administrativa acao para stj/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "atendimento_cliente", + "routeId": "stj.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "4882816c48d7b482a299c8e6ca6e7e2e508988a572a79f34b2de0828e8ac57cf", + "sourceRecordsHash": "a18b1c6425ce27255b32fce5873510427ee347a93920a675b66e3137bca4503f", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-669c52d358d44bd081f7912b", + "humanNextAction": "homologar rota administrativa auditoria para stj/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "atendimento_cliente", + "routeId": "stj.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "4edb25c47e74f02fd8c495cbae82b603e6c524e2ca22e88bf1065758960b1f0e", + "sourceRecordsHash": "669c52d358d44bd081f7912b211e232c75510cf8afa6d9255c15349096c0b6f4", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-81f471ea333879874d44c710", + "humanNextAction": "homologar rota administrativa consulta para stj/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "atendimento_cliente", + "routeId": "stj.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "1dcf7aa246900d75339011b49d8237e606d2b279d8022b7743179b12afbb8550", + "sourceRecordsHash": "81f471ea333879874d44c710e14b9ac622fced4a03c47ae07bea6c5d9e515a49", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d0a3b492bda2e137e2d539cc", + "humanNextAction": "homologar rota administrativa diagnostico para stj/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "atendimento_cliente", + "routeId": "stj.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "91175ff136d2ee9b1bc0f93485ba9a5effdb2fb937b586f11bb2ed1bb5c9d501", + "sourceRecordsHash": "d0a3b492bda2e137e2d539ccdfe9d38c614c2ae9910f2c209dad6e136b5f9e7c", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6bea8f174837edf1ebedffb3", + "humanNextAction": "homologar rota administrativa explicacao para stj/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "atendimento_cliente", + "routeId": "stj.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "a23c675e51d4039ea44cb009b8d67e78ff7e590cc47b06b27744cf31084d0043", + "sourceRecordsHash": "6bea8f174837edf1ebedffb3355aa23cac10461d418a5e5a98e49eefaac45fb2", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-dfa38d62c54b14873588322e", + "humanNextAction": "homologar rota administrativa acao para stj/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "ceo", + "routeId": "stj.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ae3e54ca290caa34502dc044c16312d3798fdc81886677a96bdb83b5f9a1b081", + "sourceRecordsHash": "dfa38d62c54b14873588322ec47eb064c2ada50f53f5cbc8468025e0e73c1015", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-ad32707acf1a4764020f329d", + "humanNextAction": "homologar rota administrativa auditoria para stj/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "ceo", + "routeId": "stj.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "b68dc7911431e411192047beda06b2a4020cb894226693bc0745d61b6f4ad3e7", + "sourceRecordsHash": "ad32707acf1a4764020f329de6c31ef77bbf2f4a805e1a46f742180040d12a50", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-42cfe0f3803bc873b21f9cfc", + "humanNextAction": "homologar rota administrativa consulta para stj/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "ceo", + "routeId": "stj.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "93df80dd0b073110a4d7f898519bf6c9d64e64979909e1bc59f2ee558bfe3000", + "sourceRecordsHash": "42cfe0f3803bc873b21f9cfcdaa2ace1443cfe9fceef127b4dd4505cde7a8008", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-dd2129db81fc1fdf2c0d83f8", + "humanNextAction": "homologar rota administrativa diagnostico para stj/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "ceo", + "routeId": "stj.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "6b1d23b618d3f2da674d0c49961ff15b80a49e9f401e296237ab3ba8efde7f68", + "sourceRecordsHash": "dd2129db81fc1fdf2c0d83f843b7e7429c98791a693b993c2d7b8558f5b6291d", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-6fdf4a4863b4011e5a23f294", + "humanNextAction": "homologar rota administrativa explicacao para stj/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "ceo", + "routeId": "stj.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "863c155e12542d971d161f82f00307755fceac273839b611f82f37edde5ef319", + "sourceRecordsHash": "6fdf4a4863b4011e5a23f294ce7381c74d7db8c99a660fcc004ba04c675b28d1", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-0ac937cdd1f5c9336c631cde", + "humanNextAction": "homologar rota administrativa acao para stj/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "cliente_externo", + "routeId": "stj.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3b713627d9be0fa92c4aab5eba12d1c6d8c7d80ef6aed43ed72e92cd1fc88854", + "sourceRecordsHash": "0ac937cdd1f5c9336c631cdec7e1769f151a6f8da3a968fcafe67a765658242b", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-0689b028d265158d0ca61fe7", + "humanNextAction": "homologar rota administrativa auditoria para stj/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "cliente_externo", + "routeId": "stj.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "fa77d41cc8ff22292dd0ada13c3475e85bc6c4574017a0faa875f261a550eb6f", + "sourceRecordsHash": "0689b028d265158d0ca61fe74da7f7ad445d7fc5957bb0e0c5d0669778bec305", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-9a711d03769aa20ed7fa11d9", + "humanNextAction": "homologar rota administrativa consulta para stj/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "cliente_externo", + "routeId": "stj.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "677732d13b08ed0cf126895844719354a8f01783b08fefe966aefc9aa6493f71", + "sourceRecordsHash": "9a711d03769aa20ed7fa11d9bd62f2f4255a0e7026807b6f8d53a99fef2a048a", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d4e14a224577c50f7273ccdc", + "humanNextAction": "homologar rota administrativa diagnostico para stj/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "cliente_externo", + "routeId": "stj.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "559447c8fd6aadc1b027280cd656db945eabae4e8c90f94c2d0a75cb6bc9273e", + "sourceRecordsHash": "d4e14a224577c50f7273ccdc070922ebe5a86165716a9a58cb06b32d4c1d0aff", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-cd9b450a69d6cfe7ce59f42a", + "humanNextAction": "homologar rota administrativa explicacao para stj/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "cliente_externo", + "routeId": "stj.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "aef766eb421c72afb216255c889b7fda28181788e1f3b0873d541847ca180f01", + "sourceRecordsHash": "cd9b450a69d6cfe7ce59f42ae9b4129c4cda084eb9954cffe9bd902365735d12", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e186ce79de6625301f7b16f1", + "humanNextAction": "homologar rota administrativa acao para stj/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "contador", + "routeId": "stj.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "660316de899817eda996d9b5597ec816a571d9e5e6168285121f17f734be45a6", + "sourceRecordsHash": "e186ce79de6625301f7b16f1b62062608e7c69e642f783024868d028fef8ac62", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-47ade196bf0ccfc76ee2cb3c", + "humanNextAction": "homologar rota administrativa auditoria para stj/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "contador", + "routeId": "stj.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "5a3190343fde406c989fb956360ed2d2136133037ca581a486d170cbe41cd601", + "sourceRecordsHash": "47ade196bf0ccfc76ee2cb3cf5ecbdd1b46fe8b050e2b919cf88a06acd3d9a2c", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7005161bf67ac2f61a8efbe2", + "humanNextAction": "homologar rota administrativa consulta para stj/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "contador", + "routeId": "stj.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a0199751ecf897e5b9d80c2ee87b511d6926a6358b9504ddb156542aa287e5a3", + "sourceRecordsHash": "7005161bf67ac2f61a8efbe200b6405aa091009b1fbaa7f212403b6d13ae6508", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0f833de0823eb3b3b731cf5b", + "humanNextAction": "homologar rota administrativa diagnostico para stj/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "contador", + "routeId": "stj.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "2c8f82bd5fc97839f4bee6dda092d64f89fb784e8609f48142380ed267753763", + "sourceRecordsHash": "0f833de0823eb3b3b731cf5b47c193d087cb8f997f2c7096a972efcb78d7e73c", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-2fa7b7e80dd8807e70541f74", + "humanNextAction": "homologar rota administrativa explicacao para stj/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "contador", + "routeId": "stj.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f83e9026e8dc69dc3b78fec8a5b49bcde22ce7b6c6cf136557809a56e4dea8e3", + "sourceRecordsHash": "2fa7b7e80dd8807e70541f745e12f989cd397d202c1f3b34b46eb1ab12641fe9", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-ff8677bd402f7ba374c88189", + "humanNextAction": "homologar rota administrativa acao para stj/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "financeiro", + "routeId": "stj.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d93f1209945f4f06f21ccdd2080183b51a890fa1ecdf15e7b68ba3e6eb251373", + "sourceRecordsHash": "ff8677bd402f7ba374c88189c13ec8010b8c89756365a777e0fcbd95a1ab9222", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-7a01348301df92a66c028cda", + "humanNextAction": "homologar rota administrativa auditoria para stj/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "financeiro", + "routeId": "stj.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "8503054131c5e039b568b869df5073168f415661c4b4139057dbe8ed66e2cf03", + "sourceRecordsHash": "7a01348301df92a66c028cdae0c18ba44b506fe2337aba9903a2ab7fdae6e305", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-d0929af76b9cace0275146be", + "humanNextAction": "homologar rota administrativa consulta para stj/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "financeiro", + "routeId": "stj.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "f52704b3990729074dfd0717fdaab1f3478058ff9bec43068a3662e3d6d89656", + "sourceRecordsHash": "d0929af76b9cace0275146bedb0f9630eec3d8f478371791a8e70f34138bdbc5", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-860d4b0c075982ddbe8c7f31", + "humanNextAction": "homologar rota administrativa diagnostico para stj/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "financeiro", + "routeId": "stj.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ea9fa8ace0dcf4c723f4f7e63cbb21ab5b11b644af561595ad6da0892b65db1b", + "sourceRecordsHash": "860d4b0c075982ddbe8c7f31b369da3b4a63c8a19e403bbab887771f31b0fb6c", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-18cdbb5f40e56a2048258a7d", + "humanNextAction": "homologar rota administrativa explicacao para stj/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "financeiro", + "routeId": "stj.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3d37a9dd02aa3abcd05265229a1ed31c99ef24473fa96dd947725dde8c84a7ff", + "sourceRecordsHash": "18cdbb5f40e56a2048258a7dc36478ef2242d6af89718fa24ec0448d06a0c2d9", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2dfa8bab03a8922a4c75750f", + "humanNextAction": "homologar rota administrativa acao para stj/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "gestor_operacional", + "routeId": "stj.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "627456df71148422e50365ffd5cced4d210da8ce2de4089297f49a59dd73acb5", + "sourceRecordsHash": "2dfa8bab03a8922a4c75750f97a8759f759e13913c5a850cbbacfda65e327cf5", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6db9b634827319486e4b2540", + "humanNextAction": "homologar rota administrativa auditoria para stj/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "gestor_operacional", + "routeId": "stj.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "95899cfdb48af2523a893ac5dad9523e84d65b3d7b9ceab8ab5ef0742096881c", + "sourceRecordsHash": "6db9b634827319486e4b25404dda9372f0cf0ff2c4a98f0e97baf8848bda2509", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-6b3d7b5db9a7a13ebc146185", + "humanNextAction": "homologar rota administrativa consulta para stj/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "gestor_operacional", + "routeId": "stj.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3125cc04b65d093c53beb4f6fa8d36d625fdca64eaf3c10bb9435e4aca13c031", + "sourceRecordsHash": "6b3d7b5db9a7a13ebc146185c5c9a3410ccf92559200caca74e620c04c23c2c3", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ca70a23586930e81e8f3a3fb", + "humanNextAction": "homologar rota administrativa diagnostico para stj/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "gestor_operacional", + "routeId": "stj.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f62aa8f7a39df78b8eceb892b636c7ac56ea435518852e4f2a6a06f748b96b7f", + "sourceRecordsHash": "ca70a23586930e81e8f3a3fb4f8991dd4f0635314661f61dcb68132436916180", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-85fd3f077cdeea901083b945", + "humanNextAction": "homologar rota administrativa explicacao para stj/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "gestor_operacional", + "routeId": "stj.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7f0d3fd107a1ee5e0a0ce1416315a9196d7e6b8e6ec004bbcde6e429785c698c", + "sourceRecordsHash": "85fd3f077cdeea901083b945220cce73e111eb5ea18baa465465c6ebf77b30ec", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-f5a75f04deb147138f6dc67e", + "humanNextAction": "homologar rota administrativa acao para stj/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "juridico", + "routeId": "stj.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e6976faa482f37dad8313eb7945d73b431cb8bf9cf2858c05dc7fb7da6b6354e", + "sourceRecordsHash": "f5a75f04deb147138f6dc67e92cf21d9f02eefec88e3df0ea63fbbd4c155609d", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-aa496f411fda525e152fc4c0", + "humanNextAction": "homologar rota administrativa auditoria para stj/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "juridico", + "routeId": "stj.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "cd64fbae63648fde5af08a4578aa714b9a95ed35165e5535788997427025b9e6", + "sourceRecordsHash": "aa496f411fda525e152fc4c0a7016420fe9981d1497d58ed8b022d992529d7ab", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-8d35b07ebb898a699954a6e8", + "humanNextAction": "homologar rota administrativa consulta para stj/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "juridico", + "routeId": "stj.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a0f8b381ecbd464cf1c75f7687ef0ca0904eb1e003884716442f6d5f85f796e3", + "sourceRecordsHash": "8d35b07ebb898a699954a6e83d04ab53e9b76b17410335152cca5e2e88c4c821", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-79f64e5e3d4dbf29e771b294", + "humanNextAction": "homologar rota administrativa diagnostico para stj/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "juridico", + "routeId": "stj.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "84b70498de51a0a8b93eacb9b82180b47a4499c361306a178855c89d102f944b", + "sourceRecordsHash": "79f64e5e3d4dbf29e771b294c234c9aa6c45ba07c28bf4e689524478b7ebac8a", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b04b77fce731f92088625cb2", + "humanNextAction": "homologar rota administrativa explicacao para stj/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "juridico", + "routeId": "stj.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "be25b653e33be1317fb6b347139f46f096128cdd49b71deb27adda66d4e4d361", + "sourceRecordsHash": "b04b77fce731f92088625cb216eff263615dd4dbec734e15a5e903df286866ae", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9200c612412130ec480c3d42", + "humanNextAction": "homologar rota administrativa acao para stj/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "planejamento_estrategico", + "routeId": "stj.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "0f319e5ffe73884543d8a7c50f0b0fb3aaa949c55d56429be4e1f0e4cf3b0a1d", + "sourceRecordsHash": "9200c612412130ec480c3d42a38a3bba5b1798564053c7c0b7e0d58866d3c041", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-6b5cf0ef7c6db89cf102209c", + "humanNextAction": "homologar rota administrativa auditoria para stj/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "planejamento_estrategico", + "routeId": "stj.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d8768f447d1397ddef8c2026794d8d0a06a4ab66bdc7f0b2ee5025c23b02a09d", + "sourceRecordsHash": "6b5cf0ef7c6db89cf102209c6cbe8fbbed248a9f6350605d0fe75c0d4e204578", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-53a05f50b30b97596a39d06e", + "humanNextAction": "homologar rota administrativa consulta para stj/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "planejamento_estrategico", + "routeId": "stj.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "de35c673bdfc2630048328ab8c26f2d68dc5fabe179068d06061bf14d11b43b1", + "sourceRecordsHash": "53a05f50b30b97596a39d06e4baa45fd36153a9ebd0d24044c0db69688d8f087", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-f5548c0f6384242ea4db6f11", + "humanNextAction": "homologar rota administrativa diagnostico para stj/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "planejamento_estrategico", + "routeId": "stj.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "4d8d38fee0cc91a6e496ad8a81815c9b42ff37466afed9b56d9c34379544517c", + "sourceRecordsHash": "f5548c0f6384242ea4db6f11a28c50012b0698d62e10d5d51386b09ec54cabd4", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-b36cbb7bfccbb44738388b97", + "humanNextAction": "homologar rota administrativa explicacao para stj/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "planejamento_estrategico", + "routeId": "stj.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "80125235efe4f0a420ea073b1546d86944249b761e4a4406c47c082bfa6af2c1", + "sourceRecordsHash": "b36cbb7bfccbb44738388b9719586d39dc2a6868c758dec2e6d7f1b0738934ec", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d2f53926bed354c0838ac27c", + "humanNextAction": "homologar rota administrativa acao para stj/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "secretaria", + "routeId": "stj.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "7f56b9c4da303222895de2a4a94a4d175d5831bc7b501f5c7de21bd53234e604", + "sourceRecordsHash": "d2f53926bed354c0838ac27c7498118ecac4e0cce32e45d5ebbcdd0370cd5f3e", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d8f8006ff6f70544d66a6820", + "humanNextAction": "homologar rota administrativa auditoria para stj/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "secretaria", + "routeId": "stj.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "36d3577ad6a496e4108671d1f00b4d24792cef31365ccb6c70e8dad46df59875", + "sourceRecordsHash": "d8f8006ff6f70544d66a6820030d16adc297bd71de4b6e35ef5909d77c4be2d2", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-28176dec003b02ff854ca194", + "humanNextAction": "homologar rota administrativa consulta para stj/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "secretaria", + "routeId": "stj.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "d6bdc440412b0f74b41128113f83facb70305dad09ef295b8e1353ef07a4f923", + "sourceRecordsHash": "28176dec003b02ff854ca19401bc68455aa4f4b01503f188f20bc3138a0a970e", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3c1e1125c8a16a7d04573526", + "humanNextAction": "homologar rota administrativa diagnostico para stj/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "secretaria", + "routeId": "stj.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "bbf4e09973df4c4e54655245821cf5b36772561de2de9356d0433eee2f01e419", + "sourceRecordsHash": "3c1e1125c8a16a7d04573526b9d19729fd762f013481dca5fedd4113b476df83", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-bc1e47840cd352bf2ce3ffdc", + "humanNextAction": "homologar rota administrativa explicacao para stj/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "secretaria", + "routeId": "stj.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "8c158cc97165072ef2935c4f47c36bd5923c780f658183c7a4893256cf45f1c6", + "sourceRecordsHash": "bc1e47840cd352bf2ce3ffdc6f0f7b8503133dcf6abe36ccd4b600cb9567d118", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-9eb7113327d4856d4f2496bf", + "humanNextAction": "homologar rota administrativa acao para stj/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "suporte", + "routeId": "stj.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c79133cb8afd0e7caaa5625b2494dab233962b4e1e6a551d062301d25f6efbe4", + "sourceRecordsHash": "9eb7113327d4856d4f2496bf6341d5c628d22db68d1d93d68d202cdde3a3ec2a", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-9ec7ad461ebb4a4cc3fae863", + "humanNextAction": "homologar rota administrativa auditoria para stj/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "suporte", + "routeId": "stj.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "74b9a33da832c626dc06d4bcee58d72cc4fb715033766f841233794d51996bb5", + "sourceRecordsHash": "9ec7ad461ebb4a4cc3fae863c0478b5e93a22f014541bff7953c3e927c08437d", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c1bd663e9348826e92ec3344", + "humanNextAction": "homologar rota administrativa consulta para stj/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "suporte", + "routeId": "stj.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "2975f68a034fe87569f6e6b45f48cde33d0c566c62300c27d6f6d97c28cf4ff3", + "sourceRecordsHash": "c1bd663e9348826e92ec33443d105b8f186c8464e876414c11305884669b1997", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8d7362e543b8905cd16cbe38", + "humanNextAction": "homologar rota administrativa diagnostico para stj/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "suporte", + "routeId": "stj.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "89fad6d73c229772980922b7a9f92e752c74f20cb6877685ac8b0d7d040bd861", + "sourceRecordsHash": "8d7362e543b8905cd16cbe38d42fa30f6bd5a0d1149b23ecbe5ce51a2363d88d", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-3e349eb510a0f59f533fd696", + "humanNextAction": "homologar rota administrativa explicacao para stj/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "suporte", + "routeId": "stj.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "710325b1242485b0c2bcce09eee171d3da0a3dc3637c7830e7e4ab00ffe241d4", + "sourceRecordsHash": "3e349eb510a0f59f533fd696b8e3fc3a4f0a9828662e9fcbebf70cce1714411f", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-d6bea2cf279d0337c35f5d40", + "humanNextAction": "homologar rota administrativa acao para stj/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "tecnico", + "routeId": "stj.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1cd1245c6f35ff4b3fee87263c7cb64065c1ece56b1fa3aa1b8e9222cd9de5af", + "sourceRecordsHash": "d6bea2cf279d0337c35f5d40dbf915c53a4ccf0e39bdae894d458400b57c1136", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-301f2d4ad7236df3fde1fa54", + "humanNextAction": "homologar rota administrativa auditoria para stj/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "tecnico", + "routeId": "stj.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d4bc88f922e05d997a2c4d0189b1e44226c8fc45113e11f60b8098031fa20bc6", + "sourceRecordsHash": "301f2d4ad7236df3fde1fa54a806c6138fbe11276d3c56445ddabc26c9af2b57", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2b12e9ebb344d2795d6a4832", + "humanNextAction": "homologar rota administrativa consulta para stj/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "tecnico", + "routeId": "stj.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "162587a4e3ff5ff6054fc2af44b28965172d37244504eceba3230a5da85f0070", + "sourceRecordsHash": "2b12e9ebb344d2795d6a48327eb40367911b352b770ab1ef11f515caf8cfb003", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-7ca964e198c04aa193ac1a6c", + "humanNextAction": "homologar rota administrativa diagnostico para stj/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "tecnico", + "routeId": "stj.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "84381237fd0dc95dbc7c8b025702e052c6b54761d4bc14bf479457f6ba8bd70d", + "sourceRecordsHash": "7ca964e198c04aa193ac1a6ccd2099abfe1d9cac3faed7b2cd595b3bb988aeaf", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-a7d5838e287c4942c30f3a8a", + "humanNextAction": "homologar rota administrativa explicacao para stj/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "tecnico", + "routeId": "stj.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ba921efa97e0e74bce22d0b9a506545ba8c7664dceae7835e4b445c3da7127ab", + "sourceRecordsHash": "a7d5838e287c4942c30f3a8a019deb42c2416eefac612399b08be482f89bd883", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-30043a4d69795de8d14b311e", + "humanNextAction": "homologar rota administrativa acao para stj/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "stj", + "profileId": "usuario_final", + "routeId": "stj.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f9f005cf873e7ad9687c17510606ef82ad6cef403db9e1ace206b8fa66e38f9b", + "sourceRecordsHash": "30043a4d69795de8d14b311e11eafd7295afd43f3c8e4d0cba0727f19c37e47b", + "status": "partial", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-15e1f4603bc3badc78d20810", + "humanNextAction": "homologar rota administrativa auditoria para stj/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "stj", + "profileId": "usuario_final", + "routeId": "stj.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "40852849210700bde4219e117447d60656153b7e7da3750bb2b2fa3835e6d615", + "sourceRecordsHash": "15e1f4603bc3badc78d20810bfd60ddb94e80a735e5375511381ac9d16ef9a91", + "status": "partial", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-f04caf9756a62e39a382b150", + "humanNextAction": "homologar rota administrativa consulta para stj/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "stj", + "profileId": "usuario_final", + "routeId": "stj.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "82cf4b1a4a492695fd66da59c11d14ff532b7c1d1cf877a3da3de39a27824755", + "sourceRecordsHash": "f04caf9756a62e39a382b15040f5b7804b4327de0ff65ad6fb10c03c93ac3deb", + "status": "partial", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-caecce7ff1779ac607198784", + "humanNextAction": "homologar rota administrativa diagnostico para stj/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "stj", + "profileId": "usuario_final", + "routeId": "stj.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "cabe5e5f240ece6d64add3b363462c290c160a1329b32580e599fad236d4a936", + "sourceRecordsHash": "caecce7ff1779ac607198784ae3e2410a71680800aa055bac6574953f6fffa97", + "status": "partial", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-f6fa9feea864797c48fa953a", + "humanNextAction": "homologar rota administrativa explicacao para stj/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "stj", + "profileId": "usuario_final", + "routeId": "stj.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1b6d35a0c63c48092d75268dd48e7b0734bbf20fec8ec870ae96fc5b24d377ef", + "sourceRecordsHash": "f6fa9feea864797c48fa953a876cfe5dd64b6c21e0013b21ab59057696e72784", + "status": "partial", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-acdd29b6dbc2bf21ec218165", + "humanNextAction": "homologar rota administrativa acao para ui/administrador_empresa", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "administrador_empresa", + "routeId": "ui.administrador_empresa.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f2d650fefdb03f5c2a6814be1442e799da2e8616123c15d75f7892343c4965e0", + "sourceRecordsHash": "acdd29b6dbc2bf21ec218165830b825c9e4e5117358dd36227b4b833acb888ed", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-a210a59407ffe78ee7afec96", + "humanNextAction": "homologar rota administrativa auditoria para ui/administrador_empresa", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "administrador_empresa", + "routeId": "ui.administrador_empresa.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "e6390c975f788e8ab50df80a1ecfc53d4cdc215b89550e9ff2e9e70a36f34251", + "sourceRecordsHash": "a210a59407ffe78ee7afec96122f4c3ff77b6cfd2a526953c3f19e1769860d6a", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-69ebc5c0fdde786509642367", + "humanNextAction": "homologar rota administrativa consulta para ui/administrador_empresa", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "administrador_empresa", + "routeId": "ui.administrador_empresa.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "2e69434298ce0c278d2d69dced5771f5a85bdc02ad308fd086dfc8c9af463163", + "sourceRecordsHash": "69ebc5c0fdde786509642367e6e0fa858b7f8d47b1cd19ec90aab70fabcb909d", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-d5b84a8f12f97b9f44f65195", + "humanNextAction": "homologar rota administrativa diagnostico para ui/administrador_empresa", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "administrador_empresa", + "routeId": "ui.administrador_empresa.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e614176656ffcda6eef18a23bc2f3086aefec611855ccfc79e4e6b4e0a7dc16c", + "sourceRecordsHash": "d5b84a8f12f97b9f44f651953235b25c789f2052fc3e2a2d0f2f2bdb992b2d8c", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-1d7b3e228c181a4b4258ed4a", + "humanNextAction": "homologar rota administrativa explicacao para ui/administrador_empresa", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "administrador_empresa", + "routeId": "ui.administrador_empresa.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3e787b5ba822af9c2279068599d41386a7839e3a00858810c570ba9b52b85343", + "sourceRecordsHash": "1d7b3e228c181a4b4258ed4a128be071a6985f6ef00e7cbb2e0ccbaad18c3e70", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2922ec5ef3d693ac90e6bf24", + "humanNextAction": "homologar rota administrativa acao para ui/atendimento_cliente", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "atendimento_cliente", + "routeId": "ui.atendimento_cliente.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "07cbb1fb2a619006e9976623bd4d02da0b4a8ce36c891b07b3d2273c4a6d4ca1", + "sourceRecordsHash": "2922ec5ef3d693ac90e6bf243a0bc2033471dd4c162b0f1d22dd95d98efe0fcd", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-d4ecdf56af2c2ce5f434d0d3", + "humanNextAction": "homologar rota administrativa auditoria para ui/atendimento_cliente", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "atendimento_cliente", + "routeId": "ui.atendimento_cliente.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "abd625535a0624ebd750b6df4013c8c372c127f3e89cfcc5fc1a4be8d07ce78d", + "sourceRecordsHash": "d4ecdf56af2c2ce5f434d0d3bef4969e295d54cb39257580367738a2f1561105", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4c116aabf7abb9368dfa3144", + "humanNextAction": "homologar rota administrativa consulta para ui/atendimento_cliente", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "atendimento_cliente", + "routeId": "ui.atendimento_cliente.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "4ea27bc9a761c52159d0842b97a201877000bed3b9e35c8ad9f99ab28826d99c", + "sourceRecordsHash": "4c116aabf7abb9368dfa31446e88d21563829483e1986ff12e03721336140dd9", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-c5de490727201f52d253f875", + "humanNextAction": "homologar rota administrativa diagnostico para ui/atendimento_cliente", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "atendimento_cliente", + "routeId": "ui.atendimento_cliente.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "e2342fc6046297ce49a75c8058ae8f71c7c5ed98f50c9c8c58eace3794d9a175", + "sourceRecordsHash": "c5de490727201f52d253f875c37c38948f1f1cc1ecc54254c5a09906e706f9d8", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-32316a1899fb597300b35b93", + "humanNextAction": "homologar rota administrativa explicacao para ui/atendimento_cliente", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "atendimento_cliente", + "routeId": "ui.atendimento_cliente.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "363dc38ab5b69db9acdca3988e5d0ecfaec17983e328d8207e10dfebdf62a827", + "sourceRecordsHash": "32316a1899fb597300b35b9310d9f4cfc882e8f6b0db8d2397f4600226abff29", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-543f874573af334d27d2f880", + "humanNextAction": "homologar rota administrativa acao para ui/ceo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "ceo", + "routeId": "ui.ceo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "45070e143dc266e90a139378155bd40d2157eece498e534688b50458cef072c2", + "sourceRecordsHash": "543f874573af334d27d2f88033d12127c829130f38f926d675b8046bf0373f97", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-141de56469a5f2c7bfd2ca4a", + "humanNextAction": "homologar rota administrativa auditoria para ui/ceo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "ceo", + "routeId": "ui.ceo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "1da080993a10da7968c13451ad13c5c12ee112dcdcc4df77a56b1a7fd2d941aa", + "sourceRecordsHash": "141de56469a5f2c7bfd2ca4afea9843a70a189e1304e7f8c6c9114ae6a3573ba", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-b64e3df6cdfa9a2fc1d3673e", + "humanNextAction": "homologar rota administrativa consulta para ui/ceo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "ceo", + "routeId": "ui.ceo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "3d0a712be3f8a4a9e81b1e372c634ee4227d37e92f4effbd339f098419540fc9", + "sourceRecordsHash": "b64e3df6cdfa9a2fc1d3673eaf4ce11e365ed1ebf9550c2b0ef6518c20189e0e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-0377ad8216ef33b4f9fe7fd4", + "humanNextAction": "homologar rota administrativa diagnostico para ui/ceo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "ceo", + "routeId": "ui.ceo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "ed25307d5214d5e2847ab37515ae77512cb290152b6e59cad46bd71ab83e85dd", + "sourceRecordsHash": "0377ad8216ef33b4f9fe7fd40aa15aef071b2a544d78f980fd551ca390f171e3", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-78a213be246b36c5c0159f7d", + "humanNextAction": "homologar rota administrativa explicacao para ui/ceo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "ceo", + "routeId": "ui.ceo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1fa32f4d86307fc0070f63400c391139eec683f1e34fa7d1ce471508807f062e", + "sourceRecordsHash": "78a213be246b36c5c0159f7da6dec3d11f20cf636c296855f39f74b35f4015e1", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-632c60276b35d32f75222984", + "humanNextAction": "homologar rota administrativa acao para ui/cliente_externo", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "cliente_externo", + "routeId": "ui.cliente_externo.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "bd6c387d1d49744f48c565a102d5f515e36250c409095f6cb6a4a6b68c208d24", + "sourceRecordsHash": "632c60276b35d32f7522298479676c4c5edae2a76020eaaf1408989b2caf6276", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-aa9e0a295646bb65c8f6ac29", + "humanNextAction": "homologar rota administrativa auditoria para ui/cliente_externo", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "cliente_externo", + "routeId": "ui.cliente_externo.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "6f856a2b3d971717031fe412b6abbbe9a62ec9ffb5594b7aea6ecc29b5a28f52", + "sourceRecordsHash": "aa9e0a295646bb65c8f6ac29360fac53319ac2f36e84da9096a357312ae4c4e5", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-c8094bb84b276fb3f281bc61", + "humanNextAction": "homologar rota administrativa consulta para ui/cliente_externo", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "cliente_externo", + "routeId": "ui.cliente_externo.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "b78d62ee86dad4fa23beb74d9b49585f845307815656c131633f0ca3efa6b337", + "sourceRecordsHash": "c8094bb84b276fb3f281bc61e663ac3866d9f18c46dae755b599edfd7439728e", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-901df1c41a7007e6748f05ee", + "humanNextAction": "homologar rota administrativa diagnostico para ui/cliente_externo", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "cliente_externo", + "routeId": "ui.cliente_externo.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "859f3c41ca61df77ef4d08cb105bd3e3636f248dd3547c7235db2a28ebdcae28", + "sourceRecordsHash": "901df1c41a7007e6748f05eebef87bab31e230b33fa5b0c5744deb43c43a42dd", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d0dc75609ed1f5e71e89d20b", + "humanNextAction": "homologar rota administrativa explicacao para ui/cliente_externo", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "cliente_externo", + "routeId": "ui.cliente_externo.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d1e329cfd0e8ee7176afa6f132c00a8c403f178ab7cc061929d70ae42c88a130", + "sourceRecordsHash": "d0dc75609ed1f5e71e89d20b11b2b6cbb8c885150bfba10874eefe25d05b0961", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-7b2c4575cb7a81cb5dd41c5b", + "humanNextAction": "homologar rota administrativa acao para ui/contador", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "contador", + "routeId": "ui.contador.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d8ce56fb58f2d16cc80a537418ff139788cf6053180130aac43bcf7667680640", + "sourceRecordsHash": "7b2c4575cb7a81cb5dd41c5b6e089c66c037887906386d6d5ffd39aab7041316", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-34d38a3765c51b0d43bfd25a", + "humanNextAction": "homologar rota administrativa auditoria para ui/contador", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "contador", + "routeId": "ui.contador.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "d9053790e41959cac1073338defd641ee638d0268800a527dc9685376b4315b1", + "sourceRecordsHash": "34d38a3765c51b0d43bfd25a28ff9dd461dd24306ae83f3da64b12a452adaf2f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-ec45905b9434b0df89f685b8", + "humanNextAction": "homologar rota administrativa consulta para ui/contador", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "contador", + "routeId": "ui.contador.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "2e0eeb28642da383f005f18931cee288cbcd27469d37609cd218ce6ce6eeaead", + "sourceRecordsHash": "ec45905b9434b0df89f685b846bf149bf60c7cd4dbd2d36b9d1a59e81e93017b", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-55c938a85db15750833ccb4c", + "humanNextAction": "homologar rota administrativa diagnostico para ui/contador", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "contador", + "routeId": "ui.contador.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "27cb90194ae00af5a7d4a9fcaa1235fec5b51893bb8f85097bb3b17ca2956f75", + "sourceRecordsHash": "55c938a85db15750833ccb4c6a13c77bdad9b3d24c05918d862e3dfc82edd959", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-d1f32ecc684abb23b65c7fe2", + "humanNextAction": "homologar rota administrativa explicacao para ui/contador", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "contador", + "routeId": "ui.contador.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "ec77e95bf1ad11b479d02f28aa3afedb155f91d565338de5c9ce6773c451551b", + "sourceRecordsHash": "d1f32ecc684abb23b65c7fe283efce04b6d59d6d70e15aa1b6d6cc2109a2bbdf", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-18c94b5f29de327e629c21ce", + "humanNextAction": "homologar rota administrativa acao para ui/financeiro", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "financeiro", + "routeId": "ui.financeiro.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "27f862c72e14bda30a5e30b5e96ae13913c475faacd65f3041a7b4dc08cf12eb", + "sourceRecordsHash": "18c94b5f29de327e629c21ce1c510d33322c79b308ca139051d4fca3ff39c0f0", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8e4052839a650c99fcc2187e", + "humanNextAction": "homologar rota administrativa auditoria para ui/financeiro", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "financeiro", + "routeId": "ui.financeiro.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "933ffc7072a9756d84154f1825f6b206c012428f474bcc8939fa9f3b396cafd1", + "sourceRecordsHash": "8e4052839a650c99fcc2187e4485cec66b8e7c268b296005b65954f388fe74f0", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-be83c5c80dbb2c026792cf1a", + "humanNextAction": "homologar rota administrativa consulta para ui/financeiro", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "financeiro", + "routeId": "ui.financeiro.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "29ac7ac984a517e801c9e7afd9c01a789a45ef5385e6d79a71fe8d0fd8242b51", + "sourceRecordsHash": "be83c5c80dbb2c026792cf1a50e8e3431ad3f2a0500f23782c43605f92662955", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-56cbc34e03b46b259dd0de39", + "humanNextAction": "homologar rota administrativa diagnostico para ui/financeiro", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "financeiro", + "routeId": "ui.financeiro.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "459351675b91165a124be73f3c15950742f4100a88ccbd47eb19be07d72bf76b", + "sourceRecordsHash": "56cbc34e03b46b259dd0de391987336979b6f433eb00049189ef84bf99a3bbcf", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-aa312b7fdb4f61a721109348", + "humanNextAction": "homologar rota administrativa explicacao para ui/financeiro", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "financeiro", + "routeId": "ui.financeiro.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "f6de98b49b13cc8dc36719d93cb0cd3e18e5cbc79fc01744428ae33c0d36f417", + "sourceRecordsHash": "aa312b7fdb4f61a7211093483d15a46ef03fdb0a4fd662778c8e827ed08edf6c", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-cc84c3fb5335f4070d2fa10e", + "humanNextAction": "homologar rota administrativa acao para ui/gestor_operacional", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "gestor_operacional", + "routeId": "ui.gestor_operacional.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "1ce39eff5fb7cbc1a4b28395d4548a209f0188a14b9291348b287b63bde3b942", + "sourceRecordsHash": "cc84c3fb5335f4070d2fa10e61542604d9cb69f8722e9db762e20acf941f3372", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-74683ce1c0cbdaed0b805006", + "humanNextAction": "homologar rota administrativa auditoria para ui/gestor_operacional", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "gestor_operacional", + "routeId": "ui.gestor_operacional.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "e9eb372441c23d9d2652dbca4d804136d4c5667529d72094e962181c8890ce18", + "sourceRecordsHash": "74683ce1c0cbdaed0b80500643ddd407df5bab7a74b3ea597c7b6c4ed3e3348f", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-7d29aab1b3777cc9c577b2c5", + "humanNextAction": "homologar rota administrativa consulta para ui/gestor_operacional", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "gestor_operacional", + "routeId": "ui.gestor_operacional.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "05a2cfa3bcbeae38effd976f0fee66e0898b07f8198252ee198858eb1ab7c428", + "sourceRecordsHash": "7d29aab1b3777cc9c577b2c57b8f176893904f7ebf8720093e1587732e1fcee6", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-340b6a63f57c2277eba5e047", + "humanNextAction": "homologar rota administrativa diagnostico para ui/gestor_operacional", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "gestor_operacional", + "routeId": "ui.gestor_operacional.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "708fa674329dcaf630d1e38f276f3f218dd4406aeceeaa5f27c1ab4c471dc5d5", + "sourceRecordsHash": "340b6a63f57c2277eba5e047690772de4d5d2d7928ace279b460c28639c265ad", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-74240ed62a3ca8782502f932", + "humanNextAction": "homologar rota administrativa explicacao para ui/gestor_operacional", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "gestor_operacional", + "routeId": "ui.gestor_operacional.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "d0960f7b5c2f45e0c4bc29bf487220c6d7359ef3adfe242af121b70e2ab11092", + "sourceRecordsHash": "74240ed62a3ca8782502f93254848e81f40449fdea3a5e422b2d6a33b365bcfd", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-8129871ba4ef409f63e9b9fb", + "humanNextAction": "homologar rota administrativa acao para ui/juridico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "juridico", + "routeId": "ui.juridico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "b8ae12354916f081c1781cafb8253434a8d4e33bfac4f3f2c1afb9fb9b1799ae", + "sourceRecordsHash": "8129871ba4ef409f63e9b9fbb9769a3f4e7166d08323b6b5611e539fe792d98a", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-3e64a93015984ab6d7b65707", + "humanNextAction": "homologar rota administrativa auditoria para ui/juridico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "juridico", + "routeId": "ui.juridico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "2eead33a2847a06e4b3bcccc53e52675ee481b994c5a9b093d909e74263b79fd", + "sourceRecordsHash": "3e64a93015984ab6d7b6570748efcee1fedc9081701056c135e6d2d72204c654", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-5e4b967cef24189521a99479", + "humanNextAction": "homologar rota administrativa consulta para ui/juridico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "juridico", + "routeId": "ui.juridico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "126d6adcffa49d4b55627f48198671a55c484db46a962dd8cebed5e3bc647026", + "sourceRecordsHash": "5e4b967cef24189521a9947970a8fa84e4cd546a0857474b52d3611c6d9f33f5", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ed46059201484eec2b66af89", + "humanNextAction": "homologar rota administrativa diagnostico para ui/juridico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "juridico", + "routeId": "ui.juridico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "3fea696a635a1cfe854fe17fc6b91cd906f2274e7c1b6d1fcae77e1ffacc3ac8", + "sourceRecordsHash": "ed46059201484eec2b66af8986e528a01ea26ee9c9b2b4a80571c0b712bc2fb4", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-73bbd570c956b75a7329622c", + "humanNextAction": "homologar rota administrativa explicacao para ui/juridico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "juridico", + "routeId": "ui.juridico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "3484f923cdfde312d5834a6a8163f1f0f336aa3ad666d0c5ffb8f6d264f07a45", + "sourceRecordsHash": "73bbd570c956b75a7329622cbc3b10953546e3e60d1bd0759d7b11e91187bbd2", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-814dd6fdba41f6aba98ff723", + "humanNextAction": "homologar rota administrativa acao para ui/planejamento_estrategico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "planejamento_estrategico", + "routeId": "ui.planejamento_estrategico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "842013a76382755f9c9ad6e7e49d692eee06cad505b4bed8b029fe6b235964d9", + "sourceRecordsHash": "814dd6fdba41f6aba98ff723b26306084f0502e64ac4cb5bd6cae02b14bff6c9", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-0647ffc4add4c70a99857095", + "humanNextAction": "homologar rota administrativa auditoria para ui/planejamento_estrategico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "planejamento_estrategico", + "routeId": "ui.planejamento_estrategico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "96468215ea12da49ef4ad5cf4d4777e38df2ef5c7d20daa2f81902b657f383e9", + "sourceRecordsHash": "0647ffc4add4c70a99857095e1f617e7a7d872aace1c44a0f7fd4f845d0c7556", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-6ea3b3649b195a309ad4795d", + "humanNextAction": "homologar rota administrativa consulta para ui/planejamento_estrategico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "planejamento_estrategico", + "routeId": "ui.planejamento_estrategico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "59ebee301dade1216e6119f03fa45caa0ee0864d25c0901dfd22fc8ddd228c4a", + "sourceRecordsHash": "6ea3b3649b195a309ad4795de3a446706509983a0329593a48fb604da338d131", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-8f7c3d093932b44b804b445e", + "humanNextAction": "homologar rota administrativa diagnostico para ui/planejamento_estrategico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "planejamento_estrategico", + "routeId": "ui.planejamento_estrategico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "846daa529eac3b1a9a89a026380825980f73e0551603edb499c1942b8b04f776", + "sourceRecordsHash": "8f7c3d093932b44b804b445e41ffeb58330b68c91f3d2d1374846892a4f119d1", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-63f0909bc0360afca0d89749", + "humanNextAction": "homologar rota administrativa explicacao para ui/planejamento_estrategico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "planejamento_estrategico", + "routeId": "ui.planejamento_estrategico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "dcdc33316582a3d5e60d37bef73c6688f3be117db391f1d441d1882e01d0de42", + "sourceRecordsHash": "63f0909bc0360afca0d897494bbdf5aceba17454313d56b65f03242b55f51f82", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-2abcc008916770d352204eac", + "humanNextAction": "homologar rota administrativa acao para ui/secretaria", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "secretaria", + "routeId": "ui.secretaria.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "06b460986f6a97a743bae79687d4bfc6f2bdb658bd2777216496b885cf0a5c55", + "sourceRecordsHash": "2abcc008916770d352204eac5fc609d895ea91f86a45a43a4e1ba87f7cba35c7", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-b6cb709468d0817ba96deeef", + "humanNextAction": "homologar rota administrativa auditoria para ui/secretaria", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "secretaria", + "routeId": "ui.secretaria.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "ddbb95c1dc48fc4fcd7149666e26de6b2491e786c5986473180d1df5613269f7", + "sourceRecordsHash": "b6cb709468d0817ba96deeef72970ea5d5ee9cc5a67b6b4c92d9f3d81d45098b", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-96a3587a6ca73476a86db1d2", + "humanNextAction": "homologar rota administrativa consulta para ui/secretaria", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "secretaria", + "routeId": "ui.secretaria.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "8b6ef16e9d2d68544d0577fd226c7a87195820269b652ecf2c13575bf843b998", + "sourceRecordsHash": "96a3587a6ca73476a86db1d2141aab3d611daf9511c9275aa05fb619a464c3ec", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-3a3cda0857ff19864a36f8cf", + "humanNextAction": "homologar rota administrativa diagnostico para ui/secretaria", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "secretaria", + "routeId": "ui.secretaria.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "00783576aad9bf206195c5e8647bff27029f51bb479b4838eb3c1545d6089d5d", + "sourceRecordsHash": "3a3cda0857ff19864a36f8cfda41400169a53e448d8482b653aa3be6b0fbebb1", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8899a0db1d0e4d5e7e791716", + "humanNextAction": "homologar rota administrativa explicacao para ui/secretaria", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "secretaria", + "routeId": "ui.secretaria.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "e565174f5ed445107e0d18daf414efd8743c144940764beefe855a0f488b2371", + "sourceRecordsHash": "8899a0db1d0e4d5e7e791716d573aea76ac270a04139eaf0f32a463f09ae2ea2", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e34a5a50f2ebe419171cb8ba", + "humanNextAction": "homologar rota administrativa acao para ui/suporte", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "suporte", + "routeId": "ui.suporte.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "aca4e83d3bb25e746d90187213fae4581a98fad8b1494aa22d14a83c7580da06", + "sourceRecordsHash": "e34a5a50f2ebe419171cb8ba83c7e2764997ec599bcf6ad8a264423cd2b92cf0", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-93b6912f4f24a92f7eb4d27d", + "humanNextAction": "homologar rota administrativa auditoria para ui/suporte", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "suporte", + "routeId": "ui.suporte.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "f16a2e71b3b1005480a9b45def4686b621103419bc602aad784a45518cf10890", + "sourceRecordsHash": "93b6912f4f24a92f7eb4d27d168a92320cc9114fb89584ef5ac14e8efcfacafb", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-2ed376cb48c0c125748bda52", + "humanNextAction": "homologar rota administrativa consulta para ui/suporte", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "suporte", + "routeId": "ui.suporte.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "a02744b522d99f03a55d21294a3f37094bca8bd9694c0a58445072ccdd7e313d", + "sourceRecordsHash": "2ed376cb48c0c125748bda5206c7512dbf63bb57812dd53bd871da1368709e10", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-a4e9d55924e9e3df4286a819", + "humanNextAction": "homologar rota administrativa diagnostico para ui/suporte", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "suporte", + "routeId": "ui.suporte.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "15f13f6879b30479b617e20c8c02263961ee1846bfc1357f2dfcfaecd935b46e", + "sourceRecordsHash": "a4e9d55924e9e3df4286a81938694b8174c4e3af06177cd6fd933af738394721", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-7c4b39205065ae95d4f163dc", + "humanNextAction": "homologar rota administrativa explicacao para ui/suporte", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "suporte", + "routeId": "ui.suporte.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "de1b1d37faff4190395512230d9f20ee8474f220ec30d1e6d7f9d6d6cba29efa", + "sourceRecordsHash": "7c4b39205065ae95d4f163dc091a1feb188892f2405d0ac7b1136926dffc9a7f", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e600134592c2f32face15f51", + "humanNextAction": "homologar rota administrativa acao para ui/tecnico", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "tecnico", + "routeId": "ui.tecnico.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "6bf2c6c764b1d8fa2b11c035a916763caab7b97a1a207b4286369f7815f4d556", + "sourceRecordsHash": "e600134592c2f32face15f51bb8488f44c278edf4eea7bc1ca868ad7e2557aef", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-4068982ece0170e33eeecdb3", + "humanNextAction": "homologar rota administrativa auditoria para ui/tecnico", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "tecnico", + "routeId": "ui.tecnico.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "96838f28b0ade0e6214be68e08b9ee2db1c8058793d6277083eee4843a44f5e9", + "sourceRecordsHash": "4068982ece0170e33eeecdb39e3aa0395df71e057ed24686228bf88701586054", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-4e811ecc28f7cb09c49ea6a0", + "humanNextAction": "homologar rota administrativa consulta para ui/tecnico", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "tecnico", + "routeId": "ui.tecnico.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "e372f178a3b032e2cb5876ffa7ef6efaf772efbde34318ab68e80b2c71298cbb", + "sourceRecordsHash": "4e811ecc28f7cb09c49ea6a064e79bbfd51d00321c4a68fa9429aeb3af37b9f5", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-1cc0f10c9393591218626cc6", + "humanNextAction": "homologar rota administrativa diagnostico para ui/tecnico", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "tecnico", + "routeId": "ui.tecnico.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "f8afaf1bcb7c6e88a3112353b4f2b7819a533d1b3f2179fc7f866b39773a3cd2", + "sourceRecordsHash": "1cc0f10c9393591218626cc67e3e48f9bc47191c9878ceb3dc61d67a498a986b", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-59939bb42b0dafc7b098f742", + "humanNextAction": "homologar rota administrativa explicacao para ui/tecnico", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "tecnico", + "routeId": "ui.tecnico.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c89dcdb15d385fe854eb84a68275c8f470d006943de95e3478df86ca6b69538b", + "sourceRecordsHash": "59939bb42b0dafc7b098f742f34945aa01a8410ba653e72694b9d6cad9df8f6a", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + }, + { + "evidenceId": "evidence-e03cf4676a6287cbbadcc159", + "humanNextAction": "homologar rota administrativa acao para ui/usuario_final", + "operation": "acao", + "permissionScope": "mcp.admin.action.request", + "platformId": "ui", + "profileId": "usuario_final", + "routeId": "ui.usuario_final.acao.administration-route", + "sameSource": true, + "sourcePayloadHash": "93ff08a013f94a9523e53e469076f41cc39852322c0618ac4c8f8548f69aadc1", + "sourceRecordsHash": "e03cf4676a6287cbbadcc159e332e100193d3e78074b1da2fed1eab67021155e", + "status": "ready", + "toolId": "mais_humana.admin.acao" + }, + { + "evidenceId": "evidence-8e5a532f1d450e52f2a59360", + "humanNextAction": "homologar rota administrativa auditoria para ui/usuario_final", + "operation": "auditoria", + "permissionScope": "mcp.admin.audit", + "platformId": "ui", + "profileId": "usuario_final", + "routeId": "ui.usuario_final.auditoria.administration-route", + "sameSource": true, + "sourcePayloadHash": "146430b9dd61355a9d637e4c18e14db15aed816d3a8955a4235ff165acc99f70", + "sourceRecordsHash": "8e5a532f1d450e52f2a59360a670b4edaacd1f32197d9f4b6da74c74c8f64492", + "status": "ready", + "toolId": "mais_humana.admin.auditoria" + }, + { + "evidenceId": "evidence-87defa2280db2d47d40728a1", + "humanNextAction": "homologar rota administrativa consulta para ui/usuario_final", + "operation": "consulta", + "permissionScope": "mcp.admin.readonly", + "platformId": "ui", + "profileId": "usuario_final", + "routeId": "ui.usuario_final.consulta.administration-route", + "sameSource": true, + "sourcePayloadHash": "54a3d145eb21b8964a120184850dc9cb2252173471171ad65e7db3725d645c3f", + "sourceRecordsHash": "87defa2280db2d47d40728a1eb07c3c3bc25858ca3b0251763983fe96dff1db2", + "status": "ready", + "toolId": "mais_humana.admin.consulta" + }, + { + "evidenceId": "evidence-ef8a5214b6a30fae2dd219eb", + "humanNextAction": "homologar rota administrativa diagnostico para ui/usuario_final", + "operation": "diagnostico", + "permissionScope": "mcp.admin.diagnostic", + "platformId": "ui", + "profileId": "usuario_final", + "routeId": "ui.usuario_final.diagnostico.administration-route", + "sameSource": true, + "sourcePayloadHash": "7c85a7b07b1f7f0025791d1dae8b06646957d05ca3bdd1ba63945dbbade35584", + "sourceRecordsHash": "ef8a5214b6a30fae2dd219eb888676641b78890589d95142707d811266b852f4", + "status": "ready", + "toolId": "mais_humana.admin.diagnostico" + }, + { + "evidenceId": "evidence-8b25f4dc32339b235d9c5c80", + "humanNextAction": "homologar rota administrativa explicacao para ui/usuario_final", + "operation": "explicacao", + "permissionScope": "mcp.admin.explain", + "platformId": "ui", + "profileId": "usuario_final", + "routeId": "ui.usuario_final.explicacao.administration-route", + "sameSource": true, + "sourcePayloadHash": "c79d14d7b20fcda4582c9c722cb07bc6839e7604cc07ac1a62869a2b3204e314", + "sourceRecordsHash": "8b25f4dc32339b235d9c5c805dc8eb08cbe3f4bfe45a0ff991274879da29e12f", + "status": "ready", + "toolId": "mais_humana.admin.explicacao" + } + ], + "controlPlaneId": "tudo-para-ia-mcps-internos-plataform", + "evidenceId": "evidence-3e8315d3681d99686af5b998", + "generatedAt": "2026-05-02T06:06:49+00:00", + "operations": { + "acao": 182, + "auditoria": 182, + "consulta": 182, + "diagnostico": 182, + "explicacao": 182 + }, + "partialCases": 325, + "platformsCount": 14, + "profilesCount": 13, + "providerId": "mais_humana", + "readyCases": 520, + "readyRatio": 0.5714285714285714, + "reportId": "mcp-admin-route-acceptance-b7dbd20012832055", + "returnedCases": 910, + "sourceHash": "f9844f598bfbfb968acea6465fc4b8f7a277b5b071003f3808d1581ce3112363", + "status": "blocked", + "totalCases": 910 +} \ No newline at end of file diff --git a/dados/mcp-admin-route-acceptance.json b/dados/mcp-admin-route-acceptance.json new file mode 100644 index 0000000..ab836cc --- /dev/null +++ b/dados/mcp-admin-route-acceptance.json @@ -0,0 +1,108293 @@ +{ + "filters": { + "operation": "", + "platformId": "", + "profileId": "", + "status": "" + }, + "generated_at": "2026-05-02T06:06:49+00:00", + "generated_files": [], + "report_id": "mcp-admin-route-acceptance-b7dbd20012832055", + "returned_cases": [ + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ad52ab3aec8c146ff3726b2d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "administrador_empresaNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d082c395fdaf1f2b7f4477634fefea03d68c34daa50caffe9869d4f764ede499", + "source_records_hash": "ad52ab3aec8c146ff3726b2d3906e7a5c070939751f6dc09bd22113e142f679b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-10ecf5e6942e1370acc44c11", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "administrador_empresaNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f1d17c2b19d9d7bb48a99f9391cb7ac5b8acaa85685f52cb4942630f38f6d32b", + "source_records_hash": "10ecf5e6942e1370acc44c11aa79e655a5d324ea8e445a1a233fee9f676802e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-587d659a4c282c7715078021", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "administrador_empresaNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "505b2b794fc430bbc76e80c11cb59f484d6c44f2f1331a74edaef872d15d4e38", + "source_records_hash": "587d659a4c282c7715078021a91d62105284097dade620bc969161477b89401b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c7ded42ea265be003bb113b6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "administrador_empresaNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3e6d2ec5d40f72aa001a6da61d26cdb3db6112a01dd2d4a567c6abce7f56fbdd", + "source_records_hash": "c7ded42ea265be003bb113b601771a1eb6f5fce906f2fe52923762812891a238", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-63d6d7de2ac68232ac3c862c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "administrador_empresaNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "051170ee6954b9e724eaae7fef4cb0bb8ed88d39c33dbfacc384c58ea0ff1f9a", + "source_records_hash": "63d6d7de2ac68232ac3c862ce9684c9d5ef7e2441f4f4b16ff2404ca344fa0cd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7c7be84ac6782615dfeb38d9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "atendimento_clienteNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1299a53220e003a76a84268297f5a7228d02dce16a07ae3d39a77d0ffc89f1d6", + "source_records_hash": "7c7be84ac6782615dfeb38d9e02b86f0ad0deaf2363267c1194d21093dbed20f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4e8c564a2d995bc53735548e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "atendimento_clienteNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "57beddad77228c21b6036b410547ade91a1057e7e891838a95863368941bf50a", + "source_records_hash": "4e8c564a2d995bc53735548efabfe94d75a5b51ba45c1ea1e13a44858fe03bf3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7edecd401588f6ec8c809e03", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "atendimento_clienteNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fc9ad6aadbd39a5aa8fb4444e49779f54202462e0d9b7c86e36edaf39383640d", + "source_records_hash": "7edecd401588f6ec8c809e03321d2da8922c5453f10737c591d1ab93b90ef7a8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0d6b7f9fd95b804d2c99c89d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c6a4c1161a4ab3ddf0cdab419e336e869d4c3f598724e9fa6075c11563daee32", + "source_records_hash": "0d6b7f9fd95b804d2c99c89daf94687c8399c57f9da494fd711d39269d68c5a9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8efd2d3db8c8e36d1737e931", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "atendimento_clienteNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0bdee52d0d0fa434a2bd5c0cbd79521b962f3b1eaff978b92fa727107b6a108e", + "source_records_hash": "8efd2d3db8c8e36d1737e9314fec019577b0745cfb233c570d63e2858eb2e70f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8663f918eaf543ba853f6b17", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "ceoNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bd976d4fd2ff57008416461108920c388cea94b1fad993e1176a20097d00d59c", + "source_records_hash": "8663f918eaf543ba853f6b17f0e5f53f7f0873de4cdc3d32a18f6734fd71aa11", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8626f5e4b0fab4f7034f59d5", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "ceoNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a7868bfb78b8f713f91492f7a35e282ad970ac87fab3f974b30559fa7920826", + "source_records_hash": "8626f5e4b0fab4f7034f59d586be22c3cb631c08f361f9083eb72c423f7ba05f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a1b5c73faabc9adb8acba4f6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "ceoNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e4076ddc0cd4f5445f4a832bdb9b77833fe512f036470298afa797fba9a0fb04", + "source_records_hash": "a1b5c73faabc9adb8acba4f6a561d519eefe768a025223d7417f0a537819d53f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-97bf7c4fef545240d91a0d67", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "ceoNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3801b57510c00a1fce40adfc5b8aba77782931a56baae50f84ff3e95dc28ef10", + "source_records_hash": "97bf7c4fef545240d91a0d6794c9ca8989fce742216f4e8daa7f2394ae451a6a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4910d766c7e8e6539ed20de3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "ceoNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "677e2c9b2e1073a561244cb1452b056cb0c27aef03fc92b54e7efc4033de969e", + "source_records_hash": "4910d766c7e8e6539ed20de3ccc4d8fb629d43766d5a8873ae5926ea9840e161", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-99b8fc9b9bb54a227950015d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "cliente_externoNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "58d8e5ba1a5694d277ef196e48bc5bee57278b98eba53ee04a5fe88034705039", + "source_records_hash": "99b8fc9b9bb54a227950015d1c8ad52f9be0a93270a1029f2584c3c013dc9fac", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-432a6b6a41e60ad56931f6d8", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "cliente_externoNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5b93e10b9bf98b0bd18a6478cf62fd3b812bca7176a6b46ab1a07fa546c3e15f", + "source_records_hash": "432a6b6a41e60ad56931f6d8e9fb78cd128d8a92807d6a13b4f2385fbc69a1f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dfbddc7a711dcfb103a8f023", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "cliente_externoNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4a9fb634f6a22c6a0244b1af53e9073d3d0e16de68085e0856cca49d84535f30", + "source_records_hash": "dfbddc7a711dcfb103a8f023f9bb71bbde77529691b40420f2a60ac6a79e6daf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4ed9ff47ee3fd85464663f24", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "cliente_externoNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4cc11e419ea2d351bf24969c0069e96e5148bd9cb3d3a7c22402a1fa96bc51a3", + "source_records_hash": "4ed9ff47ee3fd85464663f242a336dbf1bcc161e8bffd89146216ec6b905165a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ed3386af31a57e0f1e8a85e1", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "cliente_externoNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "604dc75b46fbffb86e5dc75e35f1568765d4df639d8d2fe40c9ced7d260b81a9", + "source_records_hash": "ed3386af31a57e0f1e8a85e10e3050fe5a841734ca81d6de175576488f3130bf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3952a88a55a389ba02c94786", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "contadorNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "697740da52ce2b2d2099c814cd0ee8327d2ee05c2efe4fe533c5989f8d42336c", + "source_records_hash": "3952a88a55a389ba02c94786f29715a10558b2abe2b7b0895a9da9b4147e9dc3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6551171148e282da243a88c9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "contadorNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b181759443f41b750ca3fd10486d6cbf6fca84e03be9065784bd0faa77a477f7", + "source_records_hash": "6551171148e282da243a88c951c4f1d66078ecb2300e1c8bb352d428f593e833", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4854f96ae070f53c5b63c43b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "contadorNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c677323d17cd37326c2234178b1f388211236ef398db2923a405642528fa5081", + "source_records_hash": "4854f96ae070f53c5b63c43b7f39746cb76122fb668238776e4ac1aa97f06f90", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2cc3eeed20f5d3fc9be99343", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "contadorNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ab52203f77d128852c2737c5ba76cd6a7cf198037c138087de58be0707d87158", + "source_records_hash": "2cc3eeed20f5d3fc9be99343572adb4b81ef9398cc390649a63fb87d1ea38e50", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-748749eeb561e01ef20005bb", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "contadorNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d2de3b3c80a999b0c23b9f9363bdbd4bce3eae2021f6277fbb589ebe46f07ae7", + "source_records_hash": "748749eeb561e01ef20005bbb8f5dddb0401bfd169b38d0fcd8cd79f1cbd1481", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e51c9666ddd06faef25356ba", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "financeiroNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9ded2208c5b89a90b5f852c853c4dfe050dc94b2ced5acdeb2575421f6542338", + "source_records_hash": "e51c9666ddd06faef25356baa2a8c4ed1e5ac463ec8477b08ccc55095d49e691", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ccfd442014b522c5856ea9a8", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "financeiroNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c1f723dba88341dd49d5cf1407b40a229a1b816c2934d28e13420e6947822883", + "source_records_hash": "ccfd442014b522c5856ea9a89e654639a4e3f68767557971a4c1c76f4906fe38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-149d50ebaae9e2bae7355a28", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "financeiroNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6b22bc7ac53a244090bbebe81dde295aa190863ea735111fa1ad3d7c326baa69", + "source_records_hash": "149d50ebaae9e2bae7355a2829485bc4fa962870a219ff89815c21a86da9ab16", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-694117dd77a32806ecc05dce", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "financeiroNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d83fc6883a3ace99ce943643c36d71f3d85da960334b5c938f703c961165c78c", + "source_records_hash": "694117dd77a32806ecc05dce5960efba850636030431335b560ad00c0f571505", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fbd8f174adb84d168c76abc2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "financeiroNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "273dca5b760363ef6e697dc9e2dd31151d2c51680b8abba03e2bdbe6d3031c02", + "source_records_hash": "fbd8f174adb84d168c76abc2de111d9c0acebbce815f045c7127d0d5da344f7d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8343bb447358e74b5ecfa543", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "gestor_operacionalNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3f31ac2d41d4dfdba7ee36d2c6f58ec8b9e19b9486ca775f23b46ad23df4d508", + "source_records_hash": "8343bb447358e74b5ecfa5432e66829be95bfd896fc9eb54697f4be647723207", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b3a23a04fbfaeefa95b09e65", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "gestor_operacionalNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "47df57dd789b154361b86a88253d2f48e8c72875f460a09562463693c82ebd7d", + "source_records_hash": "b3a23a04fbfaeefa95b09e65e5b43b79a3314d81223a68b6e2b138c12201d97b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9869f60d582b7641ac3b4dd9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "gestor_operacionalNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f5e9f4aa859f9dcb462a6abb0a0adce18f592f6ad500f5526e25337e98c0cc10", + "source_records_hash": "9869f60d582b7641ac3b4dd99a3d438eadfaa980d381ab9e55f9046c85b88756", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7be9f47cb88e75fb8f69233f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0457ff11d12150c4f235959ea067d88a3e464f0b987734c80f62eb967cebb1e3", + "source_records_hash": "7be9f47cb88e75fb8f69233fbedc23c50f7dd7215b0d223d1dff44488f2be535", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-abde2bf9dad152aadfdffc7e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "gestor_operacionalNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a62ee4f4b2aefab5a41b7e6030af8ea8f65eb7982cc216b121a91116b252a21", + "source_records_hash": "abde2bf9dad152aadfdffc7e80d91af8fe9c2b7385e5c4f49373e91985922d35", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8be1ae4a33a9739b2c85887d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "juridicoNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "634014b193236b09e334ddf0f444aa602ee0ae343db39b20a1135ae7cf826d3f", + "source_records_hash": "8be1ae4a33a9739b2c85887d7069cf90117cac8f23d290395145bf075e8cb24b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a72cb70547a448771ad3ee97", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "juridicoNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40850bcebd6cad4bab4f99415f55558489619aa981b16efa8d875aa8faa886ba", + "source_records_hash": "a72cb70547a448771ad3ee9769f9861eb92cd0b9e55fae2faf5888876cd23d33", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-cd4d3d5472947cbbf54e313e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "juridicoNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "22a48bf8a21a63667dd7fc744ff0f9bf42db069fdd6a6992a92c9d21fbb8a5cf", + "source_records_hash": "cd4d3d5472947cbbf54e313ee3c8f99c9767e1528387942a479381cf39613a1e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d84aa405d12bd4d3a52e0f62", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "juridicoNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c42d91e49a4c3407da6d3a3f591373c16854cc615ac1332403fb0e0785eaddd2", + "source_records_hash": "d84aa405d12bd4d3a52e0f62426977506d8c06a41a379b4d8967ce62e1505fec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1406eecf16ebedce04528310", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "juridicoNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5c4f8e636cfdc0e9292449069105a98ec8c1344b1fdd74ef34654aad233b6479", + "source_records_hash": "1406eecf16ebedce04528310b3455deff78fa558e82d68f0fe6e56ee66505087", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ee7fa3972d690dad1a9f6be2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "planejamento_estrategicoNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f7e8e4c4c31a2e20380fb12b1f766eb22d5d1e8b08a6c194d03bd63478b2cbce", + "source_records_hash": "ee7fa3972d690dad1a9f6be2c04087650b3fedc69225caee29576467b700246c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0c08c37c640031563180c4c9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0c22db82eb615c3001b9ffee3609aece9153901ebea7bd23636c1de1e6bf10b1", + "source_records_hash": "0c08c37c640031563180c4c90e9dbb2eaffab2bc4e69ec55813462fd9be2b74a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-42e6ef74d938c77746cdb72c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "planejamento_estrategicoNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9fac3e1a4657e07c1223141991db2329561d479767987e414562b4038dc0bce0", + "source_records_hash": "42e6ef74d938c77746cdb72c54a5b985bc53a008eb49d33d2b3b828b52a6d52c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a636fc25bd02c4ffb16c6962", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f3d46d3c766433b2b08fba4d7245e64557f64c2a8ce9d71686a33b168b742ac7", + "source_records_hash": "a636fc25bd02c4ffb16c6962b10db9aa8e1219e3ce9e0fbc2e887132e581d994", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-390f4acf1816ed6b560751a4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "50547d17b2d54668f7b25efde5a71ee7bbdc3e2c7c33710dad5942d558d3ece7", + "source_records_hash": "390f4acf1816ed6b560751a4d2a991b8d8aa09205711197418e2d1ed8f097c19", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9e23c6cdbe89617a2dde08e0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "secretariaNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "766fc9009d91e93cc458b18215273f9c453def3152c4a9db70a8f8ddda8b1059", + "source_records_hash": "9e23c6cdbe89617a2dde08e0d6af6e98487c73a8cadd5f5360eadfd40f55d7c2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-45083e2a5123c61a5547e5c9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "secretariaNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "89d81c59e668aa4387e029625ad43defd3dfac9ab0e2aacd9c737a24e07415c5", + "source_records_hash": "45083e2a5123c61a5547e5c94c0a9d3878bbf79411db564a040ec747624df9f9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5621cbe62605d3c619f2f2b3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "secretariaNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "44de917b6700e25c5f9b43c99622d0c99e0b84ec99a2f7099039f90b1be11652", + "source_records_hash": "5621cbe62605d3c619f2f2b33c22331088e601df155f71c5f34263b90be6aa38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e8987454edc7c9c674750669", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "secretariaNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d21a33cd8abfe2a18799a8fb4b359fd62e11cc37e7fa6c85c7289b754a03155c", + "source_records_hash": "e8987454edc7c9c67475066980f85901a8c8ff75fb949eca396b6277fded2de2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6f5bef2eb928bbad1f1065c0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "secretariaNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2f5e03b13e7fe4ccf6661e8155f94be741ab64a340c430fdbe2a6ca5e47dc6a3", + "source_records_hash": "6f5bef2eb928bbad1f1065c0f27afca4d35a1cfb740838db9f99829f08d276c4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-029f16f1af46ae6578c54d12", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "suporteNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6d9c7569c3da3af47c2c2fda8773dd513a89bc59da97fd8dd2f5e26eadb02588", + "source_records_hash": "029f16f1af46ae6578c54d12ce061b7aae60e225c27592ab797f3b5766e733aa", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-237e8bbe3e47bbb682b5ea44", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "suporteNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "478bc822ed17caf9ef0671500548b286cea7f2634395af307fec427e614b3238", + "source_records_hash": "237e8bbe3e47bbb682b5ea4489ee557ebb9e9aa73d110ebb0ca9a3110e7ac77e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c66881c2529beb1c3187927b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "suporteNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "238823299ae492c5d8cb41b191d0d411fa55372d9de17ec7a42289e9026dafaa", + "source_records_hash": "c66881c2529beb1c3187927b804d0134d952ea899a77a869096f4dcabeceb61e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a00b226d05e4c8d75f5d85f3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "suporteNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6e28c54505db5e693e497f2249733c3cf9b284501f1a89b8f1a55755a57678bc", + "source_records_hash": "a00b226d05e4c8d75f5d85f3088e952b5dea00881377106be1e8f31ff7c38e17", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d79ebee53e8c208df54686a9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "suporteNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0273e099dd149aae8764512482be06acd6d39a533f47e2de10f8eda0c2c9aec3", + "source_records_hash": "d79ebee53e8c208df54686a99ca73e197368a3608e75f2f8262b44cd8698be5a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-883daaaa95091e12b865b607", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "tecnicoNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ee8f8441cb4ec10f744f1ff7c706bfc1339a26d542f434c3b69f3ac7bda783ed", + "source_records_hash": "883daaaa95091e12b865b607fc0a3eaa089b8ac99b15a23ed550be78930f2c90", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-674a5a24f73ed1dfd48eae49", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "tecnicoNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "97251a36202e64d62be66b3c7273bb7145cdc18d7b87d5bb71433617404e0a4e", + "source_records_hash": "674a5a24f73ed1dfd48eae4909ea2497ca20cdd275dc5af73a0d7388f64f90a6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-432c72168bf314152e9bdf8e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "tecnicoNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "868391193e158cecf2b60dd5103eec767673cfe482bec3b17b0775dd29141467", + "source_records_hash": "432c72168bf314152e9bdf8e6ac71c2ed29ec44e51c8f5e8dc7ed984fdd5fc77", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-faeee54c17c05c63d6eb6b88", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "tecnicoNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "512fc59c88fa6975e5a7ae98705fa5cd6364fd0cd99359e86c846d1626cc42a8", + "source_records_hash": "faeee54c17c05c63d6eb6b88ceddd7ebcc6459e77ffc8fd04eab19a8db128dcf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-07fba005b74fd872345c580b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "tecnicoNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4658c8c10ffb48bb3294ee67cf2bc1e4a5f901f09bd961e5037cc45080ea39e8", + "source_records_hash": "07fba005b74fd872345c580bc431147c6e5a9d9ed9674e4e4a388251bc83b760", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c6e6037125061adc5ed6736e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para business/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "usuario_finalNeed", + "acaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6b3eb8aa4f54b00bd211376405143db02a567d35927e898e4d5267bc7303e97b", + "source_records_hash": "c6e6037125061adc5ed6736eec4f2cedce977ad005f6cb4d254159641b9c5767", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para business/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7a9c2f9fd20b59812fbf675f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para business/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "usuario_finalNeed", + "auditoriaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5b1b11c3d6ad27a010d235c5cfa01558a3a5d0f71a2cdbeea8f2065d2b3b255d", + "source_records_hash": "7a9c2f9fd20b59812fbf675f1e2de204432632df64aacb6b1d03f4d14d734be9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para business/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6a25903178ca93b54c7673bf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para business/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "usuario_finalNeed", + "consultaState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a5025d532a44da0e6d9e4da6c636e7f9cc27883ce44f800576d35958323eeac7", + "source_records_hash": "6a25903178ca93b54c7673bf1bc802abc154eeae371b1e75f9611e0f6e7f8d9a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para business/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-552723b48fd546501370a743", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para business/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "usuario_finalNeed", + "diagnosticoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fe6610d90f27ef04d5ba4ba59e2bf0778b9ee5cca76fb2f4b277d1c1cd6af09d", + "source_records_hash": "552723b48fd546501370a7435c30435deb90a951f584344a809188106fe44492", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para business/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-372fc021da7ae4a961bca34c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para business/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "business", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider business via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "businessStatus", + "usuario_finalNeed", + "explicacaoState", + "commercialGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "business.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ddb62b820a179439d794c7f6f29ad1924d6b54f0f94c5ced3324fff5073714db", + "source_records_hash": "372fc021da7ae4a961bca34c31846443fabd45c151537d84dea4c2c2b847b8b2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para business/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-421d97740c6c748241218cd9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "administrador_empresaNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "95610758d1f1275557afe68203eb62af7beec5a731b9e7f35fbfbf8dade2612d", + "source_records_hash": "421d97740c6c748241218cd946d1854bb4aa7b2db1c0ce82167776c78ec0f48a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-da71a08a14a5361908269daa", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "administrador_empresaNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "61b73e9ecf392c5a570a4695ac647fbfb5d4a38f490a0b47cbb5f41d65d10dda", + "source_records_hash": "da71a08a14a5361908269daac0c5b0781e6d401b8ad0764bfbc117a8b404f148", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5e1ee3a252953bb0ffa17332", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "administrador_empresaNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "865627e7c1446a86d098408d7d8e1aceab3814807f1da1041db23201d5c09103", + "source_records_hash": "5e1ee3a252953bb0ffa17332db74de07be3b7dbcc183d682bda6b8499242349a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d3d75fba0ce5ad7c088fabc2", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "administrador_empresaNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "755e05dce5a5d3a00e28a1c2e34f9454eaca42f6b7a77d851bacea24cba04d7c", + "source_records_hash": "d3d75fba0ce5ad7c088fabc226f39964182c7531d84c419f376f8c03d449fd63", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-30d751c14e86489cc2b32207", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "administrador_empresaNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4b7866f85bdc939833d31499ddfcc0332522216e2036999564d99f4d45bda54e", + "source_records_hash": "30d751c14e86489cc2b3220788ea451a7e5bd5d44b2968a284b77530bf99a38c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a0e0d70a285e01aa52447123", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "atendimento_clienteNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e01020978451ed2d9c5389ed2521bfe67bd0f6f7e1c4f50a2932e54047870ca9", + "source_records_hash": "a0e0d70a285e01aa524471235dd54621797587cdd6811f45335a4c0caad85b28", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e6a362f1d2d20a36edfec854", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "atendimento_clienteNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "36358ac5ef7513ff4824884eb281ae436c9d379d5192c38b0e0b001b69337f47", + "source_records_hash": "e6a362f1d2d20a36edfec85462dc741a1330d58d3320179600074ece10b15b9d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b55c69456db525ee2dbf1c8f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "atendimento_clienteNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "403d748cf5f625357043f67e56f7d8eb5d56c535b1763438f70dbacb133dbd39", + "source_records_hash": "b55c69456db525ee2dbf1c8f738617099ece60d035ed917cbbe17461a16bd05b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f88ddce83206fbf947371a12", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ef3a0b13c78b2f010fe647a815ea1cbfb56a38b4f23b9ded36cb0efe7cf28dbe", + "source_records_hash": "f88ddce83206fbf947371a12f1f7db442474cec3cd52c2f7c1ad148ef876bb31", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6d9a659e6b5160cc17b38283", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "atendimento_clienteNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b74a380e59e50265f62523aa27e026ece831f7d8d12d5e9303dc476d7a60fc5d", + "source_records_hash": "6d9a659e6b5160cc17b38283d90864aa07dc3491b4905b0d129ed8902fa2ad00", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6fcfe225f146ea6387759298", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "ceoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2f574faf8ded0239bcc1c8f5c67df5e37b50cea317d0fec4055ab7be9a228758", + "source_records_hash": "6fcfe225f146ea6387759298774419fac809f2b35b6cdbb87f86697ffe1429b1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2a2a08255aa813ef65a426bd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "ceoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fd8b68a0619ee11b00522147d0b7b8baaaf82a02387c302eec9d857507f63d57", + "source_records_hash": "2a2a08255aa813ef65a426bd25e0d422f45cd938b6d5e6ce53969c2afe031ce5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-992f04a502f6ddd9daf0b97b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "ceoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f823ab70acf3b849697d9300480d43e31e5a66908d4488e44261f02b43928110", + "source_records_hash": "992f04a502f6ddd9daf0b97b9b18cde405df8db62d7b4c7ff364c32486f94a51", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9738c928212fa58c6b0a53fc", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "ceoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b308b090526cb9a54d022358185b532def4a21f3a0609a9315db09c5eddde83d", + "source_records_hash": "9738c928212fa58c6b0a53fcc42127980ffda0c1ec64c08283eba3f986fc9c6d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d360c27674acf2dc72bf64f8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "ceoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8d5a2f48af17495c73fbe090e748eb7420db742b1f06d014c20552685a1a9a08", + "source_records_hash": "d360c27674acf2dc72bf64f8678f65de79f3c10c7ecbe733c0f2148ecf261dd9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-043eb1e6a85bfc8da961f435", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "cliente_externoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "438d9c7af33d986ec89d61252cbf4ee68a300c692f7e918b51b393f4c2c8283d", + "source_records_hash": "043eb1e6a85bfc8da961f4358ce267f7d18fe93b613352f67ef09762c4917ff2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fccdeeffbefda06bfc324d12", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "cliente_externoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4a24df0292527acbd75ee6599fc764f346cf58c156cf9f134816f8fdf2e29e40", + "source_records_hash": "fccdeeffbefda06bfc324d122be0a52ac1ea52a4b57dd691e336cf9c934d686d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-db5b3feefe77274a7ee958dd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "cliente_externoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a797d3c908d83e7ec274c484f2294c005485a9c155f17374d9a760ec7015c4cb", + "source_records_hash": "db5b3feefe77274a7ee958dde60a934c9f0e84047f808746962a898396283ef4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a7c2e4b1a1a9b7efccef8ef7", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "cliente_externoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "842485b47f1ded5d6dc50f3b3c566c52b1bdac7f2131373edaa8122f56f0b263", + "source_records_hash": "a7c2e4b1a1a9b7efccef8ef75df07645fbfe2f61b4f9e3df6e7b6fa67743b123", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0769489680cf26dec1527f6e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "cliente_externoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "49c9fd99dd696919f71435c00d611b81caa198bed17af5a48eedcf79694fa900", + "source_records_hash": "0769489680cf26dec1527f6e2ab4a9287a80312e1aaa843d32db7bd686c6a2db", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e1574481a65786a59e8667be", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "contadorNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "76378cdd16d0e2119b5b5813981235f45a5a039ecced2c597b00a5a1a9aacffa", + "source_records_hash": "e1574481a65786a59e8667beb156cdb2b44ab9e1a2648d88a1b0c1776e87b827", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dfc305d7e6bc414380927365", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "contadorNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2471e4c9bd650f2b354523f9db8d9fff5216fe64dc7d051b637cd5ae1a31483d", + "source_records_hash": "dfc305d7e6bc4143809273658c11e7314b0bec0b21f0faf9e08347efba220448", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a781034adf6a863661f74c40", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "contadorNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "df9f8c70a88faa7f2e1e60b2024113a60b074ac7fcb78a9c3bffdd2f28d83bca", + "source_records_hash": "a781034adf6a863661f74c40100a8fd5779a0100b7c8b852e6932ea4d354805f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3096bca3fbed3d072f4ba9c0", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "contadorNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "606c0b708c88c9c427fb7516f9614874a51eb7d57632a15d9dcb44d1075f35ac", + "source_records_hash": "3096bca3fbed3d072f4ba9c07b793f8d51e17fc536ea09005fd2d839abcbe965", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4a9d30a7a3d2c99afe6519be", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "contadorNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8b5ba21d027248869344dcd2a57e8a3dd73bc308e5b3a8223988e572de2d2e7e", + "source_records_hash": "4a9d30a7a3d2c99afe6519beb4b3d46c21bc7e7bf26b22806c6021b95344a160", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d9b19d82ef0a09658c9c29cd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "financeiroNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "57e0105999ad67d092c708017f1103b92bf2d41e6c4b94efedb30ae27a56f7ca", + "source_records_hash": "d9b19d82ef0a09658c9c29cdf100b90b9c8972d3d44f067cb7f622cc8f804a5c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-711c0bd1b8ce79facd1a08b9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "financeiroNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8dabea178584cd8eac838c210087fedc91a926395602d432453bc6d7897c749d", + "source_records_hash": "711c0bd1b8ce79facd1a08b980ade64387e8c977262e9343624e3b72fcb04dcc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7fbb7dd1323952eeea9a0e1a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "financeiroNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ee28bde90f33cf3227073f4bf3e490d9e155eb70c3579e8f963cc4ea5ee68d58", + "source_records_hash": "7fbb7dd1323952eeea9a0e1aa9976621d861464d814baf4436ef6a9ebc8b4fa7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ca5156c0c8582f5c6e2fb561", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "financeiroNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b21c4bf0c3ad4722c37ed6c1828bf0776d3dbb5068a401df2f535a431266515b", + "source_records_hash": "ca5156c0c8582f5c6e2fb561320d7a70c373abaeee2767a2b1a2332b6b3268d1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-04399664610dafb4342c7fe8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "financeiroNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "459fb8cc9a27e565f5af7023075657bbeb3fae176af7ac6371131bb3e3187fa5", + "source_records_hash": "04399664610dafb4342c7fe866699c4357a584ea16e889b222f0eabd43a863e4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2c706d2f0f15d65a86425a7e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "gestor_operacionalNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4dc4b3184f00cae60fd5a367e952483b961a4f1ac2be7d0860bc82cb7a0de0b2", + "source_records_hash": "2c706d2f0f15d65a86425a7e128d29037cc4dac3c68ccff4f055ff002907475c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-626f043679ceb73668a44c49", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "gestor_operacionalNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9643383632a567bf814e5e22900230753659ce75eb4da362e1b17c30766b2bb4", + "source_records_hash": "626f043679ceb73668a44c494085f6b7bc019ddaabf0176c59cfa439d7c0c902", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-71e9470868e3cd5cee4dcb5d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "gestor_operacionalNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "27092e4c7a47c9f953044fb8be415487afb52c85d44118e5e852936ccbb839d0", + "source_records_hash": "71e9470868e3cd5cee4dcb5dca0a9aa91ee95bbc33a366f64172faa3ff1424f7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3965499d44e0f059e2dd2754", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0f0c7d15dd0cc66ae69ef3730a045a78d594dd60d618468a9bc569da93c03dbe", + "source_records_hash": "3965499d44e0f059e2dd275488a608c41c3b868c046c87cef625d672c36d974b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b2d18bdce27cf85ebc603fc9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "gestor_operacionalNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cf53b062e44bef90594b122ba1f603ed7e19095eb67fa12651cbf78c61c9adcd", + "source_records_hash": "b2d18bdce27cf85ebc603fc9cb1b5a74e50ad7d32f3800210fd28e14c027e049", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6d4a344f9a12d1c66d4e3ec6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "juridicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "eaa561405af97490b772dbdc3748c40415754bea5c5e4c3876bcc05c4948e200", + "source_records_hash": "6d4a344f9a12d1c66d4e3ec6b8da61a973cb9bd6918df5aabe41e4b1a775d970", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2985d0c7dda4c233b2fc59bd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "juridicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "630d3b626e5a65f86d5693a66afed56cb910319c86abf02f6a277eef80692ba2", + "source_records_hash": "2985d0c7dda4c233b2fc59bd5decf8e2802837164e4940ae47688b15fe972a0c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e390831e33de80045514040f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "juridicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8410b16e56eee12ed2e25f488fc132c1d76cc807c9f70c791a46740c2afe2f3d", + "source_records_hash": "e390831e33de80045514040faf207ce4fd8776582f13d6dfb40b81d2f641ddca", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c4e66185cdf949f41f90a1ab", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "juridicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ba75d3dfddc8fcc0b8e2b6d116822ed9b37ead343f76416db844ddebf9a88d02", + "source_records_hash": "c4e66185cdf949f41f90a1abbc089be7ecc65c9d8517692efd326feddb6b4317", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fbe864cfa750654d5741a786", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "juridicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3c1f71411ee7cf8aae746255293fa10ea0cf60d07f987aa8a61376ada8ed3645", + "source_records_hash": "fbe864cfa750654d5741a78695b9243f9b9270dd5ed2b048194991e248e36aef", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ad8ccf701e72652bcae80479", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "planejamento_estrategicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c982b655518732cc50faa276f90f4169e99b084d399a2dabd8f270ac7effcb52", + "source_records_hash": "ad8ccf701e72652bcae804799f82e5a9bfc8e8f2603f2c5ecfc4c3a8736b99b4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1e1b61e5839fae182833c595", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f5da9b8c417c9be3e70f8b6500cccae83ac3caa7e6c7107df310e1cee1ce0ec5", + "source_records_hash": "1e1b61e5839fae182833c595af81468c81575a06293b48cbbf7641b32f3dec15", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e9e5e308341227e00a81a581", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "planejamento_estrategicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "66aec318ba43e4b13c8893dfdc6176c1ea0288fab38e1ba4af30f81e56801c7a", + "source_records_hash": "e9e5e308341227e00a81a5810fa273ec006945e72543ed1808825f72a81f9b58", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d219cbd8676c8a88b6927520", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "21a7580f3b9f68a456451cd6538a06a4aeb077714f23552674e96a553b96d12d", + "source_records_hash": "d219cbd8676c8a88b69275204dfc6a97723af6faab9aba8fb5ca10be43cf46c7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-17931610f091a97b1be26182", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "af969ec8d85da56fa50ff88363f33e1578fbec2ec53ed1f2bd71242229175202", + "source_records_hash": "17931610f091a97b1be26182342e7e12a0d4608e07469cd9fb4abf46cb144fb7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-afb2d9e11859c0d9118a0a0e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "secretariaNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "240c3db34b8a8d9ee81d8dd70f6d46083398021292cd87b8dd3e8b15a6581b75", + "source_records_hash": "afb2d9e11859c0d9118a0a0e9f0bc753aa75c1bd4911800c66d9dc855bb17028", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ceff2af0341593dba74f07cf", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "secretariaNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9deab34e4f3b4f2746c2abca72f1b6801a3ae11b0d7085b2ef2cb1ee92eee1bf", + "source_records_hash": "ceff2af0341593dba74f07cf5da64dfa64a7a0b786111b7641d2419a52866fae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f3d917611ef8bb62c667c747", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "secretariaNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4147bb28d4ead07aa35f4eb3e48ab2fc587b11a42b4660468bf53db3ae32ada0", + "source_records_hash": "f3d917611ef8bb62c667c7476bfc227ce1140ac6fbc7c454c6452e3024d631f3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2a2120f5e6ac500183f8afec", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "secretariaNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fdb58bf8bda585eaee9d5d95223ba35565172a8890d90cba15aaf1353143841b", + "source_records_hash": "2a2120f5e6ac500183f8afecd19e3d0e64bd583b3c68090a6b5c4653152500f2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1a75fbf206a46a3a867c7f40", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "secretariaNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "36bf8a71338c1d2fc1a601c5d71df1101e3705bc95817412e756debc8cdb5144", + "source_records_hash": "1a75fbf206a46a3a867c7f40acb685866b1680601324d35e115c14cd9a7520b0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-36499e555d54edeb736f7f8c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "suporteNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4f697a5f0129e0ea60fd03b5d942462d836f9c60beeac8b8b1c4b45f667104d1", + "source_records_hash": "36499e555d54edeb736f7f8c54d276aadd980cde29b2809b67b9825c029e7072", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b55cf00e3af8f4ec5e2b8325", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "suporteNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "04db6ab59588c434420ada8c74869401774b7ebc99436fc30d14fe6769365686", + "source_records_hash": "b55cf00e3af8f4ec5e2b832574db8ce9d7e7fd0a34466e458bd36cb812c526a0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-298456292b7717b5c5174ec5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "suporteNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "807701cdddaa5c54c2b35e542afb59b37dc30487aa4a65aba78f54cc5ba59ab1", + "source_records_hash": "298456292b7717b5c5174ec5e7f17d3f288da7166dce04d7669681cdbcda181c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b67a15a015b3928efc9c4923", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "suporteNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "31036b94029c53ad7672843aa537af2045a7bde91936d529d32be0e102731acc", + "source_records_hash": "b67a15a015b3928efc9c4923cb3a19b38a6139e99ba9b86b6dac211f2159d0f7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0583bdb82cfbcaec1bfaf870", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "suporteNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b67ba4a2d78969a39a1acb3c1f075bc834b40d38c2da91510f39d5fb354d864f", + "source_records_hash": "0583bdb82cfbcaec1bfaf870f78ffbcbadbdaafc2df1ceda7b6724be5beac2ef", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-432adc362307bf454e5eaecd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "tecnicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a3f1ffe200db00c310b064d93a0c5d975653dc0c7ea6409f624016d1ed141c7b", + "source_records_hash": "432adc362307bf454e5eaecdba48286038946a71e72c31d96ecfd2b9ee5a3da5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-85f41fc0321d80acf250f8e7", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "tecnicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9f211a00c64050e36230b7bfc7f8cf833cafa3d24d24a6f532c6e971995a4aa9", + "source_records_hash": "85f41fc0321d80acf250f8e7af715e4469eea7b206a6cda9e263f4a125023f16", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1ee8f578bc1ac6696743b052", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "tecnicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bec5dec549573ff84130d940f5a86bd4bdcf597a2fc01623559f4c150a9f5287", + "source_records_hash": "1ee8f578bc1ac6696743b0520d400db070091ec2a96b9428cd6e2024f07e1440", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8c3d7261a3b3bd85d5cd0cdf", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "tecnicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d6dbfdd6445db7fad331ba1bf15d4770c3c3c4f9698d61e8c28355614d00b39f", + "source_records_hash": "8c3d7261a3b3bd85d5cd0cdf0c676d1a01cfa41d571727574862c7c54fbb9348", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2dc1cd5321b9d6cec0531dc7", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "tecnicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d058baebe3cd4c7236f6595916d180e02c0f8450e270719ee1038bdefdeb000f", + "source_records_hash": "2dc1cd5321b9d6cec0531dc77687d2d2502cb43149b8ec531a113482dbba84e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c7cdfee0b4d9f6cd6e87276f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para compliance/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "usuario_finalNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "700d4fd39ffc523f3aa51830472e5bde72d78e117f5884857dd257c584fbc233", + "source_records_hash": "c7cdfee0b4d9f6cd6e87276f45ea7197a65b2702e5aa9440b4a3576a8cdb2823", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para compliance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-103e9ec85a4139f2c1f90e5e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para compliance/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "usuario_finalNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "91db222ee019f118d4f734db5a87f65e6d556875a01e212fed5e5df45293b942", + "source_records_hash": "103e9ec85a4139f2c1f90e5e6a9b7b53bc92114b74335f6415ece1df963072d5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para compliance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8fbc6cc1a391d5e6b10ba806", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para compliance/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "usuario_finalNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6d2e50e663f584260e4fb99911559aa7251c2059cf9a4a9a658b06ecbd850dff", + "source_records_hash": "8fbc6cc1a391d5e6b10ba806f24b4f0daea59ddeb99f63233a9c947b727cb001", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para compliance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-491d3e48c0831656557569f6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para compliance/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "usuario_finalNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bb8d2b6094e43a3f6823d626ee9f475ca7d5c2cd268b086edc21644691156232", + "source_records_hash": "491d3e48c0831656557569f6c9a0eca71c825ab5259d772f58fac456afa33b69", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para compliance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a123e8b4980eb0a70baf654e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para compliance/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "compliance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider compliance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "complianceStatus", + "usuario_finalNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "compliance.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0b6e02e6bdf9b31094009323e2c011181be310ec7f990704cf2d343aac1966cc", + "source_records_hash": "a123e8b4980eb0a70baf654e3f80ffbe0c003fece484b2bde176320db4673f99", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para compliance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cfcfeb945715dbfc0766a857", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "administrador_empresaNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "948ae9de7f99094f56123932a88ea81fc0caf16fb666345942f09bd6e255f1b1", + "source_records_hash": "cfcfeb945715dbfc0766a857eef41c99954949e91028a3fb8763f37493cd5af8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-468e669a7a4d6c1dbb36243d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "administrador_empresaNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "841f9d0a8e286b084ef0dff4f206fe12a492eb3f2ed29091bb57fdeda3ee5997", + "source_records_hash": "468e669a7a4d6c1dbb36243d03f19d43124a16effad3cf921a2cb98045693af0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-654beed97df178ac4c88a751", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "administrador_empresaNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5a2910387a2b4cf442767a9c52c80be573c1e758bc9ec65d04d1b610d2e32165", + "source_records_hash": "654beed97df178ac4c88a75141210dc5a98da056725cf8b1f14df33226d8de49", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9465b99e620ea05fe947c33f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "administrador_empresaNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0c295ce4cebc2aeed564f7d1755d49ba9b64976eb9bfb030fdfbbb1e9385be60", + "source_records_hash": "9465b99e620ea05fe947c33f9065a5c998bc7b23cfd6d444f410a919735aead2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-27c9d015e9618c378e15dbd6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "administrador_empresaNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0d0951bbae8ed782671e7b833d3c7fe8c791e732030025044bde6d024c4abf2d", + "source_records_hash": "27c9d015e9618c378e15dbd69ea028058aa51583cfad161c7b82347b5ea43496", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2fe2360c6250de2eb1f30181", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "atendimento_clienteNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8bb760d11d6226b532a4fcef99a7efeec3049e027e849d204ab7dfbabdc58d23", + "source_records_hash": "2fe2360c6250de2eb1f3018168cf012431413d583c9ef92dde89ca2fdaef37c4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0776a8e2baa4630815cfdf85", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "atendimento_clienteNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c5b657d83f74b2133ded22f857c677d0f81c9e1b1af107ba5ac13f44f70c2e48", + "source_records_hash": "0776a8e2baa4630815cfdf856502ec6a134442e3e6b48f13c1fe77c40ea592cb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-23eb68b688a8b03a87bf3b13", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "atendimento_clienteNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c84299ade3692d7c06f11034e851fa82e6d97d5a03efa8d576c4b18190912561", + "source_records_hash": "23eb68b688a8b03a87bf3b13ad00a2e347902cda7c5b3ea38efa28c2ba1f6888", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ec92a38c6b6cd50ed89669ee", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d62c4f79d3bd55975256b14d1165c88219316bfd4384a09c9bc50b5bffbab049", + "source_records_hash": "ec92a38c6b6cd50ed89669eef1646e25f18da2674488f8b90ba639cc2ba07256", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-710714600cb92cdaf2cad420", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "atendimento_clienteNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f5be0a53b49977b397b76610ec0f703cb25325af7afefa04dc5db910f984de9b", + "source_records_hash": "710714600cb92cdaf2cad4205186113e4f896cadeea25c7ca00a1f461409a43e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-50c1d4a820de5a5e7a8e79ae", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "ceoNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "52a376bd5d1d8365e309591b909324e9d16c5f26520520916d3b4e346df95467", + "source_records_hash": "50c1d4a820de5a5e7a8e79aef12cf8d86336a7b53aab9e7b990b13f3677a9e57", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-81965d72ac4413a0fa2ca2c2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "ceoNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b40ace052b5df7486690c0d6e63332901067cde4e9afd4dd9e4fee62414978fb", + "source_records_hash": "81965d72ac4413a0fa2ca2c2c71e67539520327b01d2cc8a2ce8fb6672cc3840", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ade72ce74cc7805bf495104b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "ceoNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "464d9a759c69e1e80c5be4aa8771c8aafa5233775ecb80d367acafef27eab8b2", + "source_records_hash": "ade72ce74cc7805bf495104b419631ffff3aac3964f0a6c64cfd13c8e5d02a28", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f076dbfe397fd7afea49aa3d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "ceoNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "03c2d0e5713da6910e34d8ce19f024ad48bdc12aa9220dd61aae7579f64a8c89", + "source_records_hash": "f076dbfe397fd7afea49aa3d345025f83d7cb2964992fe517072b9990e218af4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b0d799e832af5c83c87bbcac", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "ceoNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "eea1e6dc9e2d358ce671c8b7da3ee46c41edafbb8cef4edf0a5e3d61c66ce837", + "source_records_hash": "b0d799e832af5c83c87bbcacdde2353db6b41c2c936bbadafde7f2b08589033a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-bc207d782a8726b9db91e6ce", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "cliente_externoNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7f7cbfda796c292231300280a53d926f7f39c58c567baab95d0fcceb3596505f", + "source_records_hash": "bc207d782a8726b9db91e6ce4315e25e40fca061535359b42c40225464b27d7a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4ab85da4dd69c9cef99fee4f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "cliente_externoNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1c2eb3fc2ce8c3fad8f8860e3d8746f5da3439b14569967e63ebefdc82a4886b", + "source_records_hash": "4ab85da4dd69c9cef99fee4fdf0dc1883fe9d00a1c9fcd10dd062298e2b800a3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0bc254b2277212e67e2ae537", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "cliente_externoNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "33922aa2308d9f348e04504b0db299c97d143e88ee7bb4a01934d2b142c6b0e9", + "source_records_hash": "0bc254b2277212e67e2ae537feeaee3acf41f5a2611958e37c54689a0cfdee0f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-53694f2ffdc929ba98eda46d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "cliente_externoNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "659f6e1c4b84d25ea8876c6762519c459bdf2974636b63e9776302bb0ad80d61", + "source_records_hash": "53694f2ffdc929ba98eda46d6ec7395cd9565aa4f7eb8e5832084436f8277f05", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5c562be9ba099c04c217ba8b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "cliente_externoNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1e96743f93bbe7f2025750bce9137dccaa05875cc2bfbcae4d9a0c5fae606136", + "source_records_hash": "5c562be9ba099c04c217ba8b56cc3dbf2b82a8df7cf1b41f6c8c0e6f090c8a66", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-042ff382a6edabae3613535e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "contadorNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5f331ba4a2abf0e611470910846fa55d6f1ea861531c9d9d266fb2da56a50a2f", + "source_records_hash": "042ff382a6edabae3613535e0ab5a5525f496c2bd6186a361d9347ff1da39ff2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b93f8a01c9d540c28d8b5229", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "contadorNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a35ea12fb93dcfccb167d40616b8f532a2a3142fe21421ba042e148628bece99", + "source_records_hash": "b93f8a01c9d540c28d8b52290d998b364229b2d4fd460f7d73a542c2f5fe18f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-279c334c9e614b70d9427d46", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "contadorNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "44a87b510080bdd997df8bc130a65487992c05e7e27ff3be74046786bbd366f0", + "source_records_hash": "279c334c9e614b70d9427d4689b2172de838306d3dc0e101f17ac8f244ecb857", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3f577d0017c4985c273ccbec", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "contadorNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b3160fdcf33405fa84f889fc9b5e61460606389a3b3a287a4a07350549160739", + "source_records_hash": "3f577d0017c4985c273ccbec072d474a015890d72109b58ef688cd04353101eb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1a47beafdef3e1a0a65b75d5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "contadorNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0bf89a845d5df16c498536e71ea9a10871263132c2b48d07ea749b7cae7934eb", + "source_records_hash": "1a47beafdef3e1a0a65b75d5af0ed324cca93b696b5b4eb84aa88a5b902cd5bc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-305f88a181f8985a6201d6c0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "financeiroNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "908e8e92d0ef555fb30d719709c050e32e6c9aab80c7e5967880f981f3e341ee", + "source_records_hash": "305f88a181f8985a6201d6c090c62bd3f9c5a4d32a7d3a12cf60ec137a3b223a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2efe75c71423ea0598e808d3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "financeiroNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "618feb836c4042f9b609337a1b051335f1bf6b40e8d030d0963df6de7364757a", + "source_records_hash": "2efe75c71423ea0598e808d3c23c89bba4afa72158d4d5e172374aa465c595d8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d2097a7a63a08afd4951e8fd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "financeiroNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1540ffbf5561393c9e7a5c6659ab5bbec5fd81c0f92e96034f2a4a02e144ba29", + "source_records_hash": "d2097a7a63a08afd4951e8fd2d8e27a60c8d7b1c1017cabb3371eeb3f4787ff1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-104291093758ff8329e6cbc6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "financeiroNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2920cb33cf75bb3bde5d77a509642e659b3503427035c1526c9a25cb91304360", + "source_records_hash": "104291093758ff8329e6cbc6bab41358ff8f8c45cab56a29bf1717a6c8678360", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6e84d5e470ce7939a57d3ec9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "financeiroNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4d0ef33308ed55fa0c53b27cdddb44b39b35046fafcfdd7ceabc2f198c9339fc", + "source_records_hash": "6e84d5e470ce7939a57d3ec998ae0a08412c5011deb9312742028b568e22d2fa", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7f0881bfb3619f4dec476864", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "gestor_operacionalNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d7c8cd8e054f136befb10b3fd1ec7c0593a2ad20da6bab63e1865fdfaf9cd775", + "source_records_hash": "7f0881bfb3619f4dec476864d2028fa982685cb7e7784499c9b81fa99fdc45cf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9fb1d527646472a7c7af2cce", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "gestor_operacionalNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "461ba2957f70fb56a3b7e05efea08ccf9841ef867c065e3474e56cf6f4a7f5d6", + "source_records_hash": "9fb1d527646472a7c7af2cce4b8a81022fa3715935f6e8c4eea8e86666541de4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0ae3a709640c3798f99ae379", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "gestor_operacionalNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5367951251d6e5d269e95d27dc9c21aa446b34f497a7e2a9b91d10412a78dc4c", + "source_records_hash": "0ae3a709640c3798f99ae379cdbdb02900650960871b3bfcdd06c47d59f90e44", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-de8fb670eb2d0dcc27a08a07", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cde3266f8898f5e2ead965542aa38fd6f3fbc5a7392c025ceaac672dea9af755", + "source_records_hash": "de8fb670eb2d0dcc27a08a076653e0357bb97c8b635ccb776f6245d81d707d6d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3b2b448497187bfb4a9f744b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "gestor_operacionalNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e4239ccb23857e6c93f6351bbf6be83bd46d04dbce03e4e56dd110afd667671c", + "source_records_hash": "3b2b448497187bfb4a9f744bb89a2263069b2e8b557bcf48ae95b6668deda65f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b2b72c38292c8cdea1f2c0f9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "juridicoNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "22d5689aa76ae0f0751eb27dec08274e1934baa8cea5df0886dcbfabc48daa46", + "source_records_hash": "b2b72c38292c8cdea1f2c0f9f8bfbf5655789e20246537f78a34074e0c834c4c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-325cae668e905bccd35f1299", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "juridicoNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "547723c0a2e501f5b0108269d2e20431e574c3ce7dd387424fb8e418a4a481a2", + "source_records_hash": "325cae668e905bccd35f1299066f5b65e6c35ec56c99d0b3e0894d74aca71154", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1f04cee2aa4c57755f5cf582", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "juridicoNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c0c2ea594e9b0ac15ed971ff7f0e52ef26c44910334664c33ac54c0e7de19606", + "source_records_hash": "1f04cee2aa4c57755f5cf582ccc586d4aa9d69aff2f55a59024c0ca5c576c5d5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-16b20b7ee526401cda57cbac", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "juridicoNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1c046a775ffc92df190e7d00b074dcd4651a722aaeb869b09180b43f713f71fe", + "source_records_hash": "16b20b7ee526401cda57cbacc45d82830b222826f30f816d892d21005006a132", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-054cb845a74693e4c6ec1481", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "juridicoNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0ab5ca7c6fff8eaeab66775babddd708175c72c00aa51815dea88e638a21b4cd", + "source_records_hash": "054cb845a74693e4c6ec1481a88c4bc4c6da0ba28217b31c768a8e2ac5588eab", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1d51ee78a02f8503afd1eb7b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "planejamento_estrategicoNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "94ecba4182143d0764a181590a6ae6655385f632428bc376762d5110c7d0f6f7", + "source_records_hash": "1d51ee78a02f8503afd1eb7be6e92eb3444715e4fe9691b09f3675d6e1de1911", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7eed4790f072dcb8e0b59e21", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fe32cb5f3e0941819cec9ffcc368efb1ee8b174abe8568ec68cebde7f714931c", + "source_records_hash": "7eed4790f072dcb8e0b59e21df751eea5d6ec3ab8b3af807d9af4d9c907cb453", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ad35a0a7546fc0eed9cb563a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "planejamento_estrategicoNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "249eb30cf74700542a1f6f1c965d2c10f46af0fa8d271321c8a076c779986cf6", + "source_records_hash": "ad35a0a7546fc0eed9cb563ab23ee5945eee960345f5c804415ebf4543de721e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8dd56592a613ae636ad2a963", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8ba4a2746f318f668d97dde67b5b2b0b22454d9e265fe5a0d54cbf434254c1c8", + "source_records_hash": "8dd56592a613ae636ad2a963fccc13c377dfaf3c7329ff483dc4280b4b88b456", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0e604eb186424a33806ff70a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8ada21c81c481f8add7cd47c6d1dce1d7ab88154f37e80b79abd6798268a2b1d", + "source_records_hash": "0e604eb186424a33806ff70ab9017484dc6bcadd60897003bad8b2376a43b5fe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-26ac7a0d6bd3e77ae069e991", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "secretariaNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a8a17fceb6352ef819d550926e24ec66760a57238ac6461ca53b98de9325fdc3", + "source_records_hash": "26ac7a0d6bd3e77ae069e991d4ca6125c87cd55876afa3e82c245a4bc35788ab", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cd101b589d331f5f5b87dc4f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "secretariaNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f5cb10d4c77c745ba8435351b6a174e20110a69391ad287e572ff89c7248467a", + "source_records_hash": "cd101b589d331f5f5b87dc4f8c045220c54320c0fa0b6383f946bd58fc4c2ffe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-93bd4a0806d561c188583260", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "secretariaNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ee92e0e6352f18c9cc2e9a2fe5715fd8f16f086db3c89b7869c21f6cdede52d2", + "source_records_hash": "93bd4a0806d561c18858326006b6d148c0efb6439eecaf4effa0ece98f04a1eb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-77a2899e4dab10b18f960f58", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "secretariaNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "06ae7f8d98e9a10ce1f8fe37158b94f86a9a9385f3b71d7651d6fd969d0c23ba", + "source_records_hash": "77a2899e4dab10b18f960f58fa3b5b8aedddf557dc3d95eb043bf52f7ccdebe5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7d90a286850ff8112e488c11", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "secretariaNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1a875de5d19475398cd8ea327b81ffd89015f2ebe322365fa870b65cef329e4b", + "source_records_hash": "7d90a286850ff8112e488c112d69b52ebadf6c1555f5de54381bd25aa730fecd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-683610d7053f20960e3c1638", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "suporteNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9e6fe7ab2e55a2c1d018833102e08d65cf4123f3e621f90ca180553593a89688", + "source_records_hash": "683610d7053f20960e3c1638502199d588b756789fbb784e90e2ebcbef62537d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d730899874ccefa4b86e0eeb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "suporteNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f9f8d1ca825924392087f472e2c5bd70eecbc9bb4f1f4663d693a1f08e51d951", + "source_records_hash": "d730899874ccefa4b86e0eebde24333e31ef775e597932e983870d25bc5fdeab", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-255f9f411542bd8b5b1c2a1a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "suporteNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f10293f279a0c1557323cf0f9a39455b852f76f364a024ee97e14a788ddc51f8", + "source_records_hash": "255f9f411542bd8b5b1c2a1a70da3b34e11057787e5cdcaaf2bf5d9126b9d811", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a5f945299a57272bf2d04ac2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "suporteNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ea83729a77db8714827284dda2835e15e9d1fabb19bec53e0a65e2a2d5d60915", + "source_records_hash": "a5f945299a57272bf2d04ac2a4d19a1bccf4460959fcf35420b870b970e1450a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e0fc3225de9f64ceed1d77a5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "suporteNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ccb5c78b6066f3553764a81c253d2efb5c4604eddedee804d1c96b5c6211097c", + "source_records_hash": "e0fc3225de9f64ceed1d77a504e33958220f3e066abf9ab78b86a8e3d4894693", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0200da8bc80defc164ea558c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "tecnicoNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c165cd69a213147b24186199940f572ce072cd33cb1fa497450f11c5e9c91cc3", + "source_records_hash": "0200da8bc80defc164ea558c97eaa2246e28bf6769f8e0fe50524d5fdd0f7bcc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-99d4a0444c730aa93771554d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "tecnicoNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "de9d9b8e078919b4c5ada20e15b1492d741d8c3a0ba008ccdd9c19a7b5aaf9aa", + "source_records_hash": "99d4a0444c730aa93771554d98bab442481b7a916ba4f9e035bc4478a2bc91b0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1632aeaab72071db338c0d2f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "tecnicoNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "240707d46335d5f55717f3d94b1b1665c2393045bb5bf0357fac7ba62711c31b", + "source_records_hash": "1632aeaab72071db338c0d2f38ce9b81959b1ab9c41ab8a3efa98049a367c04c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e900ce6ed1e99a2e2c7a72d6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "tecnicoNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "886dc82724d68f9f9da1ca53c39f1b4a2844f9cef72bc0c130cd44e41eedf170", + "source_records_hash": "e900ce6ed1e99a2e2c7a72d626f87546c4dbcdd41fb9fcb76fb70affea4612ba", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ee21a5df3701899e3850e4bb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "tecnicoNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "eba31dcc091abae69011e35386aee37cb93ee8d5aad3b8be3b8acf36e9fd0dc9", + "source_records_hash": "ee21a5df3701899e3850e4bb5fbe724c74163deb88787cc094d0ea8fcd21ee12", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-55adffc1b77d4e8924bfa670", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para customer_ops/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "usuario_finalNeed", + "acaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "82a4747e0e55988a58184bbdd73f432e5b7aa9a1a6f589f55d42314d5c0987dd", + "source_records_hash": "55adffc1b77d4e8924bfa670adf8f15aba14d17475114562a4bf721013399b5e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para customer_ops/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-254c261b8f7a5d2b76701628", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para customer_ops/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "usuario_finalNeed", + "auditoriaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bec48743d3f875a897eb646ef299093ec78f6c0afff4e8d77b66a0e6545e3b5c", + "source_records_hash": "254c261b8f7a5d2b76701628ae76e99c796520599ed80aeb1adc0733d1cdd242", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para customer_ops/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8ae008cd96f6ffc8367f9443", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para customer_ops/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "usuario_finalNeed", + "consultaState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "437811f383f6b5a373fbd922e4c31c84f70eed3a1e7d1945db5e61cdd5c9d5f6", + "source_records_hash": "8ae008cd96f6ffc8367f9443ed35fa84ada4ab7c84ae9eef26ff91f04d650f5c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para customer_ops/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-541862d614510bc0e11a0637", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para customer_ops/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "usuario_finalNeed", + "diagnosticoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c400c1e98225049b93c8adbe53ac5de1658c332b3813fa4b592460e1b25bc487", + "source_records_hash": "541862d614510bc0e11a0637d3ec49d5b3a90f58208ddc4725b46b1fcf836cb7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para customer_ops/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e650336a942449a3c3a6dd14", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para customer_ops/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "customer_ops", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider customer_ops via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "customer_opsStatus", + "usuario_finalNeed", + "explicacaoState", + "supportGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "customer_ops.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ca49d8339574698203280b83142a0898d0e0c9ca9794acc6fd929070cca4448", + "source_records_hash": "e650336a942449a3c3a6dd1437ab0e7a715413e2a80f901a91b500c1966c0b5e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para customer_ops/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-346940b4ec21092bbfdc964b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "administrador_empresaNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1828eba28b4274ed3810c8cbc070340e6b8b4350f8aaef7b7d2dca3a2aa175a8", + "source_records_hash": "346940b4ec21092bbfdc964b41e9d7817e1c508a4b98816739e4285c97cea0c8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cf3c26e318de54359670b6cb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "administrador_empresaNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fac623d8fe864fc09cdff9ae5483f18fd4bb7ff3a12cfd4530c62670d8caefe4", + "source_records_hash": "cf3c26e318de54359670b6cb7c3590c66bcfc42e0eb667a03389905d89a93a54", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4db47c363333808ece2f256a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "administrador_empresaNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "99f4b6cdfa952759a211ab5a870a5be101badeec59fcdec53ed381fd3be7886a", + "source_records_hash": "4db47c363333808ece2f256ab53f832a01c81449d847a140777253a274eda641", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9efec5d28bfccb7405ae99fd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "administrador_empresaNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1524447942d010a2d3f337d0bd485ed61a26a4da78e5a96fc519e2a12520c234", + "source_records_hash": "9efec5d28bfccb7405ae99fd59f3c7ed69eaa5b3bbdaf9322e7860a799a88d59", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cb60086f8807bc578abec35a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "administrador_empresaNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d97811851700dbfa17efceb59743ea4d2d874f402d0068e7e60461254e6f0469", + "source_records_hash": "cb60086f8807bc578abec35a3fb9ed7b5fc491934ea5a0578e337ed47e534dd3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8a25c8efd479919c831b4943", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "atendimento_clienteNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2bb43d22ad583ca2ddb8826cdac7baf8f88d40e6996742a2521ac97a5eb1b16a", + "source_records_hash": "8a25c8efd479919c831b49435280e821d11d04a0f7a7ea8fdd7307407fd7e345", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-812f94916921fb1b58fe7eca", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "atendimento_clienteNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1b85a66fed625a839cc55c8934d269f7496bad1c2b7ed4626b080d3c3cd68433", + "source_records_hash": "812f94916921fb1b58fe7ecaf66ed12456f28c8ec7b227a18e02aeefd357c842", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b57635f4d81c23f26e4b069e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "atendimento_clienteNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aa563441bfd8aa922a7298c299bdfaca0acb15f6ef85b127a1eecb8540a4dc77", + "source_records_hash": "b57635f4d81c23f26e4b069e2cf748fae470703e1a044d118a66686e8f76d51a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-717faafd09a806dd68b2ff10", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3d79c14d2a01f4d7ac41237e47abbc5d0a36373a499ac763f11e44b48983c1c7", + "source_records_hash": "717faafd09a806dd68b2ff1069868d9e0aa1991b31b938a02283ed9cb0c67bca", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d0df968c0b527fc5ae5c59a2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "atendimento_clienteNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1acfad8faf974c22350ce71db767fe88da7ab492a71ea4f5bcea90d5fa5f0a3a", + "source_records_hash": "d0df968c0b527fc5ae5c59a29bc7d3a4e98338309aabd12cd2a3880af8fdd304", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-301023501546306b1430cf93", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "ceoNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "66fc35b529e041aba29e091c3334b6e6a9e19bd2b34b8ee37f52dd703560bd1b", + "source_records_hash": "301023501546306b1430cf93d41882bdf83034691682b767f479015c63b4c6e6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6e1d29531c86f3bfb0536315", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "ceoNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "11c577d7e6f728d43b552e45c6a6597abe26c7e3ae2d4a7bd0036a9a3182bb21", + "source_records_hash": "6e1d29531c86f3bfb053631550e1f6f2708437b0a82c32bfb2ac37f593229863", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d60614d35da495f081522b67", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "ceoNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9e2b95de4c339f9c64709a52b5edf579cde9baea89fb772b3d3af6e20d1f6b74", + "source_records_hash": "d60614d35da495f081522b671c70b7b43649fc4c1d1def7e308c0092ce47e2ff", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-666b7fd7d72cefd7a4d430b7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "ceoNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bec485c67a704d7d3c45bc5d94b6650ea150a68355831260a0b1068a1298fe66", + "source_records_hash": "666b7fd7d72cefd7a4d430b79535bb87910562b157b0d5b66dde6ff88ff89045", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b80ee7036757ea7268212e4a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "ceoNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d1c0ca6dd5ebf390cdcb6178ebe83b4291ea29275df951ea418c6b6743635a4", + "source_records_hash": "b80ee7036757ea7268212e4aa961a7693a61b06b29ef40827c6496559744a0dc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7138a913f72eb38338317af5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "cliente_externoNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d85242943e96a28a2e3aca7ff1b6fd71691c0fe1ccc739bc9ff2d1f1ba4e64bf", + "source_records_hash": "7138a913f72eb38338317af5aaef05c6e48fec033f9e392352622fcb0bb3299d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1fe4ea929dcb93c81aa2f218", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "cliente_externoNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cde92ac8176e660914758af7a216edb2237aac7a1cefd381cb1263d3d18aa916", + "source_records_hash": "1fe4ea929dcb93c81aa2f2184cdb6bb118c764d54c016f6c3940e2d56e5f8bd9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-04942a2e3a4ebff69a11080f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "cliente_externoNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "532ba667e89db33475a61307192778bec686e9c99229ca602b11c70cfa48906e", + "source_records_hash": "04942a2e3a4ebff69a11080fc519e81a80da6c08106864fef1930b24bd9cba93", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e304491952bf6c0558924429", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "cliente_externoNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "127aeb87c76f2f88d6d62375859bbbbb3d2753db17235590d4d3227945f5f58d", + "source_records_hash": "e304491952bf6c0558924429dd433dae1a94a8656faccbb067cd0725eb6afbfe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d371ffd6817c5f0a60e46211", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "cliente_externoNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7a187b2d02db461c9badec06e8060d7ef71e66150486bdbd3e7224bd5320844e", + "source_records_hash": "d371ffd6817c5f0a60e4621126e2e141ad18405c7a50c6a3f39d4461fbe88e38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e97230fe93815d5dafa75afa", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "contadorNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7280b815fd7f54f3e42ff954a8f759defe6101493fd33148b4bbaf3eb03dbd74", + "source_records_hash": "e97230fe93815d5dafa75afa7a266ca0af094ab0d9a17a58a04b7a25af6abd13", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-bda0cd7ec5af6ee616308b82", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "contadorNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a35fe014d24145196c66c59be08fbb07829d11aea2f4a4e01596eb72f6de623", + "source_records_hash": "bda0cd7ec5af6ee616308b82284eef05ecd662db3e9a02b8fcaf533549689fff", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-12c2eb08dfc32437f756dbf2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "contadorNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1c2b4896ba4f690a7503b863ded77bd5657f6a8d64508ab263c66cc249780979", + "source_records_hash": "12c2eb08dfc32437f756dbf254ad6cfb737a8298ed4c271781285b937be5c49a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6fdc8d784099893a7dd90395", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "contadorNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ab0b8bab9372b7ade00c588321305a48859f8a2d2f9907a1de0bd843c9a128c", + "source_records_hash": "6fdc8d784099893a7dd90395c661d5bc9c2915ed563b5969651ae2aabe648f3c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-88096c6c37b2d692fc5519bb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "contadorNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "26f0c3c3f3db5bfc78506a00ad8affb894908889809568adecef105596b323ea", + "source_records_hash": "88096c6c37b2d692fc5519bbc1b32b4e90fbf8a252ea69fcf167ae35e1ecfca5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e889f2a8edea53987af6e37a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "financeiroNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f8f628208a61c67c6722a4813907ba07c398fbcbee529e51b359ed26572224a8", + "source_records_hash": "e889f2a8edea53987af6e37ae7fb2f025f8df0da2ae4d3bacf7519d1273a99e4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8095558a1f35dbf8285f9b79", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "financeiroNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "791a646f63a38b7f3f6462067d47363069427bf52cbcc4b158b3afe94b665a58", + "source_records_hash": "8095558a1f35dbf8285f9b79f749dd37707e19c56f9b873a53387e5534133c65", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c188f72ca7db6298f05a50bc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "financeiroNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e8d2cfe4bb18e5f54f7db2520beadf6b0b9b293f3a041b5c78b4c5eb5a2b13a2", + "source_records_hash": "c188f72ca7db6298f05a50bc59a77d151702447f6ecf2a59239996a692d495d5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4eb71444857f2ba191fd98b7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "financeiroNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d2c95b525a1d9c697e0bf4ae414670004fa37ba499e90cdaa8240babd7252350", + "source_records_hash": "4eb71444857f2ba191fd98b7ea2319e6f726c8a3a4414cab6923730f25548889", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-133397aabb5a6d639a379379", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "financeiroNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c56f6577abb282731173a010a13d13278dd07a404178c6a796c0ea9bc45d6280", + "source_records_hash": "133397aabb5a6d639a379379d7b7591b1f1ede2b93f06088909a305d09373b2b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-59450bb08828a812f44adb14", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "gestor_operacionalNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "65ba618ba03cf3741d7c6abf63a2f6b54a46dca327e3b9685235fda5d89dfab8", + "source_records_hash": "59450bb08828a812f44adb14e3a6ae0ac19982e866419c87dfc3fd7fc0215752", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4b4935a69b738c2a9be0067b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "gestor_operacionalNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "96e17405e2caa877486afb51c565ae114351aedad95570f35b72490ded2b7d1f", + "source_records_hash": "4b4935a69b738c2a9be0067b34f4b58baaad1a5ed89d5622f73e54e5cca7e6f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9526a5b2284ad5bb22c88c5c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "gestor_operacionalNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1093c838ad3606d8b2369fd20004eb68838cfded8632fe4cb3ffe44fd448d0eb", + "source_records_hash": "9526a5b2284ad5bb22c88c5c529b4d9e7009f0c97d2136739af7af10ae684d49", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d1b18664677146e54259337f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "01153a6ae5ae970d01074a75362b47f20be19e9ab2c623ba593dc6a61e25936e", + "source_records_hash": "d1b18664677146e54259337fd8b3f06a03db9fabfcab3a8fabd681dbc3a9afa8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3e6c28d4102456c4c4c17b12", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "gestor_operacionalNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c9fc404f352c7351275b6ab65ae608ed4882a6770584d8e35708c09053d68876", + "source_records_hash": "3e6c28d4102456c4c4c17b12bf873f1c65e73bc0454103a2679771bb36ea726e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-50cfb7ba141c7c3fe5dfaac8", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "juridicoNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5660c5e5eb26ebfc110e548402a6285c801cb070d36770f9b61291dee747e8bf", + "source_records_hash": "50cfb7ba141c7c3fe5dfaac869947fc7549b09ea383aa257aa83943479214f33", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-936945b085492100eb39b161", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "juridicoNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1fc1421272a64466671b526e4009e20232abf4fa0b4ee7053d4a43c2c94eb7bf", + "source_records_hash": "936945b085492100eb39b161d7c90e5d62fcdecee4860290ec86de115af812c6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ff1b6e665019433e90f89703", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "juridicoNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8370aa8702d7da7418a8d05e256a55b03de125d68fd2c95e4ede22bb030509f1", + "source_records_hash": "ff1b6e665019433e90f8970312cfd4cb84f9a398a7ab6ecdf93cd30c9615cbd5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8f39fb7c8e2a0a5e64899184", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "juridicoNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d241d3bc6d918f1c1b00700cd500d230011b1c731584790dd50655e24194332c", + "source_records_hash": "8f39fb7c8e2a0a5e64899184ef98b0d3ecfd548bcf8735bee4aaacbdd3bd7afd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7c971e0b11f4de780e337b20", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "juridicoNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "02f751eeb3f4fae24728af6a44666375a19419e18f806cc24d326dde2578ea3a", + "source_records_hash": "7c971e0b11f4de780e337b20a1d00ee185da2c4ba61287bcb15c8aefdedaf22e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-735be2e45e8c23c5fe4b141e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "planejamento_estrategicoNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cc645931650000364886d745ab6f2e58f0f561df4066101d7586bba13c7fbd0f", + "source_records_hash": "735be2e45e8c23c5fe4b141eb89cbbf25501c8ea8b0f09753c57ab02bb45487d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-229234188a3c8d1b6d1a3e47", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bb27866912a408a2565b601e4ef3686c66727c31696df87c854fa63434a17dac", + "source_records_hash": "229234188a3c8d1b6d1a3e4739d131890e83344dee04f7072e42d2fe5887b320", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-34fd3dac4f4b60b2a0fd98b1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "planejamento_estrategicoNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "219e91dfe9c89d327f4abc12d1341d9bccccd1841a2987eb2fb381ae35f285f6", + "source_records_hash": "34fd3dac4f4b60b2a0fd98b16e46217c7e2666d463d7eae9997394afe6903ee3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f8cc3dfe95b031376ffada32", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6302dc7350f5b996cda69e88df9c93b6413e983a1a7b393ccf48d23d7d5a8840", + "source_records_hash": "f8cc3dfe95b031376ffada321b0f717a11e8678b8f2a1a7980e8a90f6b4ef622", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-70489882ca4c9756f7e1ac67", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2cf52e76eb999ad6ddf4210bc75018eec19b09454d65a312d4eb20d2631f43f5", + "source_records_hash": "70489882ca4c9756f7e1ac67560453a8808a7f41a64446c80777a3270e17e362", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6b045129a059adbffe57ef0b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "secretariaNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b6b0e14c728100c98ffd6c7d72f72fcd6a5d05d9d26dc73989c90782a1102773", + "source_records_hash": "6b045129a059adbffe57ef0b32199e0c30a9db9a6479e19a2907bd2f2181abdc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b186e63f8b05e7c023fa2282", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "secretariaNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "06fae23600d0d8b222bbdcef3efcfd0be612358e594db90ab869c137e5bd4b47", + "source_records_hash": "b186e63f8b05e7c023fa22821e72743beff9352f2aa941ca8940cc8900f2b300", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-58a034366677b0414fd430c6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "secretariaNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e79aef0d2be1b69b6789699d9e8509165b44262de1de92553631d97e91f36efe", + "source_records_hash": "58a034366677b0414fd430c659cca4773706f444377776b2fad8b3ec00edd6e9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f6fce1cefb9a943c703137c6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "secretariaNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8c937f6c078cdffdef8786b24ba5646f937d44c7c2d35e35d726f637124bc21c", + "source_records_hash": "f6fce1cefb9a943c703137c68b5aad559fd6e76d2f429e72d1a01f18a2d4990f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0d09ca758e0d3ab2ba5cfd6b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "secretariaNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "de1eff01fe214e20f0256d5204dbcc8810ad92e802af72c48dfceaf4af4ffb38", + "source_records_hash": "0d09ca758e0d3ab2ba5cfd6b129568e62eac83958ce61b89c53b9efbfd25bc26", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c9a09bf7bce8d3d33437d2cc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "suporteNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ce119aba3bf63062e08de2cc92863249519a239a65c8a75e8f637bfdb91ffd89", + "source_records_hash": "c9a09bf7bce8d3d33437d2cc92b6f23aa757671a02ecf4facc63a72b3e79a825", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-213670f82d95b62d4a262e7e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "suporteNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5d2d2da7f4d8ecefe803f66c5a2d7877220dc3a0fcfb41acb92021e399679185", + "source_records_hash": "213670f82d95b62d4a262e7ed64e6c13b335c92a8a3e13327a95e073afabd172", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-11b1f7565fb6bf904abb32f6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "suporteNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "42e53fdbcfad38583506286df22ff51356a1d3c6417432adecf8f8df070a5c7e", + "source_records_hash": "11b1f7565fb6bf904abb32f647b161a2d31b3fc4591bfca3a23b4e356dcd4d53", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5763dd2323a382f21ba15caa", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "suporteNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "24d529e1e09f1c939ef3b81a8251c167b556b5c4896346760770cec93c844e39", + "source_records_hash": "5763dd2323a382f21ba15caa2e58c3074f648f9b0a9abe320b57311ab0b4d81a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1d9eaa2f127220ba329b6159", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "suporteNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f77c97a58150287e93d0145201b51f1f2e5957efaa46ecb8dd28f88467091aae", + "source_records_hash": "1d9eaa2f127220ba329b6159956a25f43f368b8a964795365e6a98243631589b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a584cab7ba1b8e4d91ca9a5a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "tecnicoNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1943cd8aee82b90eeaeb5199a8ba471111beb036004bcb35396de0a2cf8a8a2d", + "source_records_hash": "a584cab7ba1b8e4d91ca9a5a44b6ed53ff7e354b36a6e324156cbe9948d6249b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d5f04b4aa13463904c3bea82", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "tecnicoNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3013899d83c3ab06bdaf2f158e3f2ef9e50533eb4799091a13f86e8f34b63291", + "source_records_hash": "d5f04b4aa13463904c3bea82c54a2f59b7616b7fc7151b3a06f49bb9eeea3b17", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a5b577fbe8193a3dd934acaa", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "tecnicoNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f1aab25294dd1ba0874bbde7a9c6e91c2001dc226fc4a100652dd9eafeae77bc", + "source_records_hash": "a5b577fbe8193a3dd934acaa845c87080515fc5107de5237ed2695141fee44a1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-00d42e7f01430a491fbf0902", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "tecnicoNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "31e89de30a8db4fe2108bf5037d1c0dd5cbda825a11df03b2a9fc33656995be4", + "source_records_hash": "00d42e7f01430a491fbf090276d77eb5d161d2539613dab8d6a7e9a44dedf5ed", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-65ae021ccc43f608782efc48", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "tecnicoNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a119834cfa5c9dc1c56e0a6c341163634ec4162f2b857c8bfee9cdd9bf6d879d", + "source_records_hash": "65ae021ccc43f608782efc48b0f914c09076d7ec263e6dc7aa305a00539919e3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8bcb657d48af6a2f7b871020", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para docs/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "usuario_finalNeed", + "acaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "46379fce619c74733f58707d8ed73dcd5009384d574e77a66eaa68d57d5c6df2", + "source_records_hash": "8bcb657d48af6a2f7b8710202a6d4a714cbff37a0ecee1f599099879274de53e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa acao para docs/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f3e782b85fb0de5428f11859", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para docs/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "usuario_finalNeed", + "auditoriaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a61a8654a44803b86d2e68ac22bef86e2edc61bbff729b55389dafec6a28a9ca", + "source_records_hash": "f3e782b85fb0de5428f118590243c783da3c18c7224d10e47ae2e196ba0140c7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa auditoria para docs/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-24ac307af503d971c52146d6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para docs/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "usuario_finalNeed", + "consultaState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cf413f3773b3e7b8b055fa75d2973621d99e4731b4ab58deb894cd0c3e4285b4", + "source_records_hash": "24ac307af503d971c52146d6bc68218c543068cbae56a0536081c7f155388854", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa consulta para docs/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b49a1ebe140828953b79c4cf", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para docs/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "usuario_finalNeed", + "diagnosticoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3627decce9370de13fc19e04a70c52e92bd7415303845ae007a3bd65fbf52729", + "source_records_hash": "b49a1ebe140828953b79c4cfa2f3f83a3510d7f0b3b021491ed60dc128ba4382", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa diagnostico para docs/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0cffb9e36a2dfd5fb617e512", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para docs/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "docs", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider docs via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "docsStatus", + "usuario_finalNeed", + "explicacaoState", + "documentationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "docs.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9813cc74a4597dbcf5a5fc306a2d280c824f717b4256a8eff2864f85d1707ed6", + "source_records_hash": "0cffb9e36a2dfd5fb617e5127cba817298e234e04db2cc8fb01f1bf54c963634", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "formal_exception", + "validation_steps": [ + "executar rota administrativa explicacao para docs/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-38902e4eff57593901a8c201", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "administrador_empresaNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "16ad6568dccb3cbb019fa2753d5fdd453f64015c843b94f7e03e92f44553fe46", + "source_records_hash": "38902e4eff57593901a8c201dc64d8a5316b26e7de6e147c8c788147c132b322", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-deb7ba20962e59fcb7793c88", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "administrador_empresaNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ff6d712bbcfd0c26874325f1d4c59ec59b8f2948b28830f175926f5b0c98fe74", + "source_records_hash": "deb7ba20962e59fcb7793c8843dd09ab822c3f0e9c04e4dde0c399bffb23c8a2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9a6e77daab5192e31e4af9b9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "administrador_empresaNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dca8346806a8948d1dcdfba34c740cff91ff64910616513bf70c23f1df9558d5", + "source_records_hash": "9a6e77daab5192e31e4af9b98a835193f9136cebb02bdf0ce2d49244d4976700", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2dd5d2f3c7844a92406b4652", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "administrador_empresaNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "664e5f7ceb54eb64880f486b0d7b3fa53b1d8e11b6c9b99d08ee49791a89e560", + "source_records_hash": "2dd5d2f3c7844a92406b46523feb9f0018070ad6d66a7bff4a67da992f1f2f86", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-351a8a9d422c43c0aeb2979f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "administrador_empresaNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ab046d82ed4ae478832f61e797d7ae8f8d68a38a37f57ebae85d7d40d89b349e", + "source_records_hash": "351a8a9d422c43c0aeb2979fb184bc1c4e6c7e4ffd6c92afd29132b405edb36a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0d0a3277784f1d9adffc2a38", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "atendimento_clienteNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e2af87745fe09a6a0f56a0558676f4c0bdfca633ebd7a0961b35678109371dae", + "source_records_hash": "0d0a3277784f1d9adffc2a38b9a4e90ecfedd22254a3e334851fcb040dd68cfc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-353641ab2caf151f5ebcc94c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "atendimento_clienteNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7837a4a520e21fe3ed86edf88b9b187d6a0d783196d79860c69eb05d2df64cb2", + "source_records_hash": "353641ab2caf151f5ebcc94ca66a1be16ee757c4c21b057c5c5357ed4f857916", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7e3a182a520ab8d3c3c1fbe9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "atendimento_clienteNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cdc64fb1b25ee7b5813806ef2608ea3b904cc3e5647c3f9f8897b276dc190fa0", + "source_records_hash": "7e3a182a520ab8d3c3c1fbe9692be7a03865a782d4b1cbfb6371041fb00c5457", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b062fef129fdd7c828e907cc", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "47a65bb3cbfafa92f58213cb536128b72b76bb6f792390672bd3417e7a119222", + "source_records_hash": "b062fef129fdd7c828e907cc1a4dd47cb71d1d843cbc390689aec7d379e3cf28", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-da0618e99186ef8d360b8e92", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "atendimento_clienteNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bb6524cf9e1018ea1b915d3975ec51ee4a3be1d3e0c17fc8cb02e81b88469eac", + "source_records_hash": "da0618e99186ef8d360b8e929394abb6377c60c0e1a70c06cd9f1f64202b7de7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b0f029500c5e6050bc75765e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "ceoNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7ebe0d7aa32c961f204c7103f2f58e4e45934e477e0be6a8f60fbaf3fb7d1bcc", + "source_records_hash": "b0f029500c5e6050bc75765ebac11761936b0139d4a67ffd2922f968e754be10", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-697ffb03f7454d9ff8a037b3", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "ceoNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "72328669431474a36b860efbd741f3a37df1dc0df8d67f01f86000474c5dd402", + "source_records_hash": "697ffb03f7454d9ff8a037b3acba07234a68594ceccf6793e861c49cd5d0446b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f75a3032a748c69a68b5cbbd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "ceoNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2e20f8eaeead8f65fa76211fd12a0bb16cceb5a24784a1730160193251e2c935", + "source_records_hash": "f75a3032a748c69a68b5cbbd90b14d4297fd6c6e97edd2da386e3736b5c31f6f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3c9d84570c7fec33e47c904b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "ceoNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7cf1418a83ae5adb0e29658491eb2647622152b420ceb414aaaef9e714bed794", + "source_records_hash": "3c9d84570c7fec33e47c904be66dbf5d025373adc0a9b44689d537df9b7a27c9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ceb3a94c23c2414498977420", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "ceoNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "44f118e83a323026b32c70296401757984970575784b70c07c15d6de8a44f732", + "source_records_hash": "ceb3a94c23c2414498977420ffb494d88765b00a575046aae2d0cd1e700d5f4d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e1b15666468dbbd8c38d70cd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "cliente_externoNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4ecc62d1921b3b9386c6c1d4971fbf59ee891c6b6eee15f8a501b311c7ae5aa6", + "source_records_hash": "e1b15666468dbbd8c38d70cd0c8d28e6bb03fd5453608dc52bc96a0d84f357ae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-090cd75846e11b869588172a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "cliente_externoNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "337b149b5a0f85c7a839ffee4e4db478b949f327d4e3da6a25d1afe4c10e21c0", + "source_records_hash": "090cd75846e11b869588172a026eee7a55af3d95483798faa1ef3e03594d4af3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fd87637eca5bd07586c50ef7", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "cliente_externoNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ef83689e2130ec04a3c047afb3614e74e80fa6f88c2f57499a8bb2b36db3d338", + "source_records_hash": "fd87637eca5bd07586c50ef7f57306389814a9e11360557df569005ff5a2b0db", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ac6ed7bb4d06527a8ca04e38", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "cliente_externoNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f18b43bde1ae004da0acf02d3e7a4a5181990b97092c2e642aad22765b2d8a7a", + "source_records_hash": "ac6ed7bb4d06527a8ca04e3846c145bfb5a0d9715161bd3d9419d3c74485b736", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3d8066d09a087207ad6a1c7a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "cliente_externoNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "147a9d51d416274213011d8dab47b7a00b3c2938ed2f2c7624c163c120dbfb71", + "source_records_hash": "3d8066d09a087207ad6a1c7ad2543c4c2f5ed60223dac4f8ed94a23d98403eac", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-41329b7474506cbe5ebecc8a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "contadorNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a3a1ff5a2962391246e618ce5bdcf3066e0a1d69dd240fdfc3cd511224d21517", + "source_records_hash": "41329b7474506cbe5ebecc8af091981927cad1c02eb47e2827c6ba63856ed3a8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3a14235f989b05929c8d0a8f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "contadorNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cb39a9a53bce8c24e88373e66c5993890003b29175bbb6922ad04bdde3eb1741", + "source_records_hash": "3a14235f989b05929c8d0a8f8bed2f565143067bbb2cbd3933f8b555d17b0fe8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8817e6bdde02179a1821eccf", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "contadorNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "eee46fc109d79512925f2a9bfff9c5f1b982d1c278f767017d101d5209660171", + "source_records_hash": "8817e6bdde02179a1821eccf56e10449708ac4c00eb45bf00584580cfa877c80", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f0ba115295cf2f186e840ec4", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "contadorNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8352f4d7aa8feb697b5feb784677b98649265e60e3c2f8dc1bd2cccbbe7e0cb8", + "source_records_hash": "f0ba115295cf2f186e840ec4501ea2e021f6945ce417ebb6cb7ae42aa37b9c93", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-988af97e2ac74be5a5016f6a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "contadorNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e4fd6c0b5ae558a460e82fe648903d798fff2429f570e5715541442afe344f91", + "source_records_hash": "988af97e2ac74be5a5016f6acf9be1d3e890affa0f6beb28f5403a205515ae0a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-603888ff917c998ab7788cad", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "financeiroNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "231d2039810d14860c33a72e57ca051b5eed5c0272762bcf84a5cb1f13c54073", + "source_records_hash": "603888ff917c998ab7788cada0d4982b319ea1016ec5d9de5b5ac04b48f01798", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c1790521c91ae78316586de0", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "financeiroNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "28f7f70a3cf50bb46f631425049a3c1606a1f4626df7c5dabcbe5fc8ed41883f", + "source_records_hash": "c1790521c91ae78316586de0a672dfd918526a1b8dd6333112ba376d0706cc88", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7d56d890416852a04849a881", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "financeiroNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8e3d497070365caaa55149a3b02a1960f0b4bc906ce9c171ba8fac90b07057cf", + "source_records_hash": "7d56d890416852a04849a8810b16c34dcd1fa6ebbf827217888c8402b8bb5ddd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-96b68f4424163cdb35885e20", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "financeiroNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6c96aab6489e1cf8400c04add1dec8fc1300f75fdeb240f069122923323e3369", + "source_records_hash": "96b68f4424163cdb35885e209d78caff32eff819daf3de4f8ebe864cb4d0239e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-23df5150e457ad917e4cb78f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "financeiroNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ac44376293f0e8c083b9a22cad652cd32680611072c28e9cef01b78e332b831b", + "source_records_hash": "23df5150e457ad917e4cb78f3d3e04f5bf5d85d396c772adae923c1743817a04", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2eb34ac9112184c12cc80546", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "gestor_operacionalNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d6b5225ecda26375337d7a0623cbdbe87e68e3a9af6a3ec1e3002c5ffcce705a", + "source_records_hash": "2eb34ac9112184c12cc805461f41b198e62bc6d009853324c8b9afec920dc671", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-69839b0b197adcd6e60c754a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "gestor_operacionalNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2cde084905d9ea78339fcc576e1d9ecc3166c578ed01481e702859ee85f9e189", + "source_records_hash": "69839b0b197adcd6e60c754aaddabae703ef62dd047068d3bb8f152b3ab942af", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0571a7eadd1e98134bcbcf79", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "gestor_operacionalNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f88f196b7e3257cdb20c0fcc8d44e9ca47c46730350ce92c1b85c9fd94bb99e4", + "source_records_hash": "0571a7eadd1e98134bcbcf799db3adc4ff6a9107f7099f2c76b77850e32458a3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-54809888a3460031f8541831", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e601f816a0eb3704e5cb9ddd8f3f01ae827e569a787dc63da39a1a0ec512af34", + "source_records_hash": "54809888a3460031f85418316073d1f51d3e25ad3ce7c59a4b934f5ff406c87b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-47af240fcd48eab9b045331e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "gestor_operacionalNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5005774800056934193ca20990725edfda7924fef7fb58ad7c40d51caefb4f8e", + "source_records_hash": "47af240fcd48eab9b045331e4640b89fe4bc47a49d19fb9025c5faeef34ac64e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b2e1458916b959d1ff847138", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "juridicoNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d92b69b00f9d8f9d21a59be5a43e13afad8adf6cbe44c54bb151debbc380450", + "source_records_hash": "b2e1458916b959d1ff847138b8fe814832415ac5db93f01f2ee4e0196893b390", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-83792d100bc80ba926b5c7d1", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "juridicoNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b6eb5c2a648ae91d9b15ce8899529b0c34cf1c0a1acdf2147c1c998c25ea69c7", + "source_records_hash": "83792d100bc80ba926b5c7d17da03e340e446b839f7da52a60ffa1bfb5f51285", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-457c071433c0c338a39cd9df", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "juridicoNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "717491ba23a2ec3e81ffa4b52a75610ae6f6edf5a2e73fddeeeea03639321c31", + "source_records_hash": "457c071433c0c338a39cd9df682c3e4525e3371af185a7783da3756e17f8210a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f431d840d7d3e80103f8c6db", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "juridicoNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3bc5329ef9353db32f54a7bfccff4622d608850d1f51266e3887abd9a8fd27c0", + "source_records_hash": "f431d840d7d3e80103f8c6db3f6985ac3b970ed9935e47c6d2246ccd47ba0e6d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a2b1aa81238ab845b8955f37", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "juridicoNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "96b2d66653b24c3282f3d3b3ca3381b664c058c691473ae455aabd53a74f6d31", + "source_records_hash": "a2b1aa81238ab845b8955f3796c4012f998ba43c4019b25cf617c0a6635fe7e3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a0fe9ba2943b1b65606a93eb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "planejamento_estrategicoNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "af5f493d2c04e69aa4bd836db9dc5313063b73325b87d5b33b179fed5cbbdf9b", + "source_records_hash": "a0fe9ba2943b1b65606a93eb2d6eea97fa0d47eede4fc2ca3784a247f4dcc4f7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ceb1ab288edabeeb0a55623d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a9bed5e81874ebfc527f081105492f5330cda22698b9546cff4993c2f42443ed", + "source_records_hash": "ceb1ab288edabeeb0a55623db08633b6d054b52b545619f2692329e610471745", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ce253970562e379b130e24f9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "planejamento_estrategicoNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3c165fdb89d5b42d8322fcc8c8d7f144370b18e6e1e0b5d05f2c6549befe415f", + "source_records_hash": "ce253970562e379b130e24f93f4f0503c6a1cce6fe92a4f03174182877e06581", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8200dbacc442a1f4fb96cd1f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "795a727e88e25d9dace9b512294778c7dfbf8facb18753ed0cdc716a75ed03ee", + "source_records_hash": "8200dbacc442a1f4fb96cd1fbe258f62b47d60024fc91ff7136f3d7d501d75c9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e326cb6a5147fd51dd1d6826", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40a8c3f257cd468c1bf28c5826ab1c62dd1097317cc2df1b70967215f50f7b60", + "source_records_hash": "e326cb6a5147fd51dd1d6826c56e52963d491b8f6a45db942011e4dc3832a1c7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ce7a53f10dcd05366e56159e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "secretariaNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c7faeb29578d3a7957c1756ae3c5b11fd9f039ea67a04f9c47aa1ca29783919d", + "source_records_hash": "ce7a53f10dcd05366e56159e0db8a8183b96f8de32182ed7045a6ab1d50a4167", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9829a2731ae49252fcee349c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "secretariaNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7888fa4418011dc767643a90e6cb0fddd41ef295a9f61db9f801b4252c8a790d", + "source_records_hash": "9829a2731ae49252fcee349c0a10e56a48dcf034262875617ec7e63c6214ebb2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e27c2a9251dc1713b8173327", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "secretariaNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "18630400fc9bcb8a5a1b962f93a3f287bf1e25d21807fffb3b26c09ef0847154", + "source_records_hash": "e27c2a9251dc1713b8173327d0a65353a671d817ad23c252261ea2b0961c262a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a4c63d4977fe22b3772ec4f6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "secretariaNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "34846f2659593dfee6225da4534370f59229ea1de779beccdcc0f5250ee89973", + "source_records_hash": "a4c63d4977fe22b3772ec4f678b4b252e9e2d73e2ca71808cdc75c69071c2bda", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8ace6757a71bb1fb14bb2b38", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "secretariaNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "66c40e49a63d466534281e42a651e3df2e4e2644e7d98f5dc5c7658ba5e3c3d8", + "source_records_hash": "8ace6757a71bb1fb14bb2b388cb96794e67c5833e2173585cb283a74cd2f58ae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b263c51956b1a9eaef37b60b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "suporteNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "55e773640e2f21441073982fa3f6cf33ab435c2c1b00a3d16b7b5421fd240e06", + "source_records_hash": "b263c51956b1a9eaef37b60b06ccf8f916c4015d4c4f5de3bc3b55f13626a903", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e6bbd6aa060b8937aa4fa474", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "suporteNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0bfb2aee3e5d7f913eddfc085a7b8f5475d863726694cbacdeb96afb20979dc6", + "source_records_hash": "e6bbd6aa060b8937aa4fa4745637c2a61d51bd93772ead10e1e347a8b0ffef74", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a3452f5c1e09acd5973c6d81", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "suporteNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7b0d7fc377041e539be643e0e390e59cc85eea42a17c41c776c3bc1cb77e70ab", + "source_records_hash": "a3452f5c1e09acd5973c6d816f94011cb0e502f694c57e51b0044fe2b5e20c77", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-45093649610a663096f57e67", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "suporteNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "775cb51c20ca7ba53de486f6d1bce7ba2db551e32d2f5a62c4dbbfe956bf8819", + "source_records_hash": "45093649610a663096f57e672f47c3a18a0ca701aef8a3bfd64ad8cc8a391ead", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0b6322d10a432869b8772b21", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "suporteNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "892cca62f5984d65c5eb490da24dd51e098698e70d625ecda0ceb7b07c8a2395", + "source_records_hash": "0b6322d10a432869b8772b21fbf1500cf23c5af43a99755384f45f4adfee5e2a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-efef18c33067274c5f1198a2", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "tecnicoNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8581c5554349872d70cfce032b318e3ab48a374d3849bf7a66952e4ba1f2555e", + "source_records_hash": "efef18c33067274c5f1198a2105cd497b039defca3daebe9a81a86e016513e3d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8a48b93ae3ca4327bf894b35", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "tecnicoNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "59a7f605c549aa0222fc885238649b3d978c0cb72585d53b57cbfeecaa37a97a", + "source_records_hash": "8a48b93ae3ca4327bf894b352771b2b74aec0dd03f7601201c2ee269cde6fd3f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-09e2e914611744e4e46b565e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "tecnicoNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c40d6a7c5846f389cb8acd75b3601000af8146ae10077cdc7c07b0ec9f97ec69", + "source_records_hash": "09e2e914611744e4e46b565eb3f3ff807ee4ad725fbafdda759bebbc09b5f0cb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8b3420d0b708f9bac5601b8c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "tecnicoNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bf05c2457e35642e3be143a5c4906b6e8df803fc796917e324dace90ec0e278b", + "source_records_hash": "8b3420d0b708f9bac5601b8c5a51f769abc8caae95f7718e8c1a19637fa25ce8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-cc09e762712126e2330f7deb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "tecnicoNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a071f4cf1fd533c293333f6ce1861168c96df139e312a940045ea26a1a3d5d9d", + "source_records_hash": "cc09e762712126e2330f7deb532957bcd41481a504d118a77a10aaad43a2edac", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dc219e8fe7c91a700dd08f14", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para finance/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "usuario_finalNeed", + "acaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0fd81e1df2527f16a47b6bc058ad05cc8f4763b10899c62d07f4671aa52e4504", + "source_records_hash": "dc219e8fe7c91a700dd08f141b3067d7491872e821bad507cb95bfc1703bcbef", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para finance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-33380d9bc5049dc78447e5a5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para finance/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "usuario_finalNeed", + "auditoriaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f318f6ac626fc80097acc985b6459af2897e7e43404ae552cb6243356bbfb26e", + "source_records_hash": "33380d9bc5049dc78447e5a5798998b8fa7eb9d208ee3c060ab461fcb77ca817", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para finance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-084a97c6a14d8d64739d15fe", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para finance/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "usuario_finalNeed", + "consultaState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "856ba9b29b6f9e6ab834da2b169594d622aa49105fdd6e6979c875838f5a955f", + "source_records_hash": "084a97c6a14d8d64739d15fe4a185973d32a8b39f3e247c001608fb72b6771c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para finance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b5854aada4824a27d8cd5eb0", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para finance/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "usuario_finalNeed", + "diagnosticoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "026fea7317f25ba876fc226de6b2c92a72c72e7cafef8e7006db4953c98370bb", + "source_records_hash": "b5854aada4824a27d8cd5eb00f73c54ef809eac3a82fcaa3878b88b67b9d58e2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para finance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1b62b7f73aab864facc887b3", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para finance/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "finance", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider finance via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "financeStatus", + "usuario_finalNeed", + "explicacaoState", + "financeGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "finance.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dad9c3cff2ab07cc11f32948ca07942fa264bc6b5eb1bdd4755061f3c72dfed0", + "source_records_hash": "1b62b7f73aab864facc887b36997be7555b21602b5d2e5710c60979f99e370b5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para finance/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-25b7416e2574bbceb5c7c8f2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "administrador_empresaNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "73884f8203109b5d8b6d9f7f0bf3a0d85c696043d938f71e3b5890b87ade1131", + "source_records_hash": "25b7416e2574bbceb5c7c8f2b3522c30ab4af4d9b686efa5318bfc3fd665de56", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ff74c58a6d6f5a0bc49209eb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "administrador_empresaNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fb770024a98f9fbf149dd42a5e2cf11a811d886dbed7751615b7009da0e43398", + "source_records_hash": "ff74c58a6d6f5a0bc49209ebff91c04b249eb03cff8007ea5e4aed6a7fe41c58", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2452ebaa3195fd63ddc718a0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "administrador_empresaNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bca9482e609ef1178a45bf9bd6047bfd8ef2bfcdc3cdb0ce57176baba5bd8b9a", + "source_records_hash": "2452ebaa3195fd63ddc718a000782b78454a30d97e2f50a94247e110d102ad37", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-68672253cc0b3388a101a0a6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "administrador_empresaNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40b2f88b270eab47232708f4b507f923b01b69fc2b394490074a49cb6806dbd3", + "source_records_hash": "68672253cc0b3388a101a0a6acfba78151c48427b453aaacd9bf4d1f9556f0a2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d891f54c46914bded1d9791b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "administrador_empresaNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40aac18c595793c1cc5d1af9359ef7c4a42ceae1a18ba323823b10d2cee407f1", + "source_records_hash": "d891f54c46914bded1d9791be1d5fdcd64fa2be548e9574ce25a5aa0ee7228c5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-30cd60a35dde3f005728874c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "atendimento_clienteNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b3b3d86f8f79952b3e2bf0902b3e12f2974064d9e544ca484a6522e7b919cdd5", + "source_records_hash": "30cd60a35dde3f005728874c822cb4f3eeee68d55a841b265c10cfe1c3301da7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b4af1499c0ec134c58f39de9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "atendimento_clienteNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d48d60a4115028e34f3d1b147b838211c8b03c3ef3567bab32d57b19414551c4", + "source_records_hash": "b4af1499c0ec134c58f39de97c858d916435769884cd02c6e952cb0c13d6f174", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b006a2171a6ca1b949224bf5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "atendimento_clienteNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a064aec3c1c7cd44c81161126564141887483957de858afe98faca563f836b46", + "source_records_hash": "b006a2171a6ca1b949224bf5a9725a77fe8e6199072e7706665b2642054a7ddb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-393be80f0887c3eb2b0b9bf4", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0de15fb6b5a8e226597b78953438b0088ccd710e2fe0deab5583e8ab5ad766a8", + "source_records_hash": "393be80f0887c3eb2b0b9bf4ce857842cd31208530bc8e8ee3c14cef50e9f511", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-df6b51cb66d6324a08a1b0b9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "atendimento_clienteNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6b9ca4caaa21177b6bcc38530e4a0d13a97bb2e1a389916d619ab57cc3129dc9", + "source_records_hash": "df6b51cb66d6324a08a1b0b9db8e1ee47d33ba87c4cd4f60dc1434e11b4c9866", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8c1d8133cc6af11a0de95db8", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "ceoNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d4abb1114936ab5ff630730b1e95befa2d79f98b72c1557bd70250c5f16eff29", + "source_records_hash": "8c1d8133cc6af11a0de95db80e6fa2c2ac31bc5fd199ce256cf0fe7fc983425a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d764bd0a538462b80ff313c0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "ceoNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4c5ff8be8ecdf3f9ac3b54d5b4aa7b4e963abd054828732802fb87f179cdf6a9", + "source_records_hash": "d764bd0a538462b80ff313c0622b7f915a115260faa6428770a17c7d82d00e1b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-90099d4f150347ab1f7a1128", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "ceoNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "450391e0265508f0a8dbf8e7836f7c2bf6c88f0708e6f95ef068201fe549be69", + "source_records_hash": "90099d4f150347ab1f7a1128d313a39d6471ce7c7b31c1cc8e42eec9306efaf0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f670f009d44a31f9367a1c35", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "ceoNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1989053940bd8ca50a404f55b6714eb870ee2d550856fb8b61fed77d529c3d5a", + "source_records_hash": "f670f009d44a31f9367a1c35015c4c41e4fb62571868e164091a599347890585", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f38e635c9b171aa6e9f48583", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "ceoNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "62b4f126389cef041678548dae37cd11a7a4a2f154cc0e10a92979e7cad95619", + "source_records_hash": "f38e635c9b171aa6e9f4858378576fe2738372e9bd2757808ec6e34ec59c4ab2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-48fac947a1a18353889ba989", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "cliente_externoNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fcc95a4552a35ecc94394ea2ccb97da9b2c27fb549b939e7a9d8be61a4ac8f34", + "source_records_hash": "48fac947a1a18353889ba98911d0d21b9654bb272a111f9c4451f491378276f2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-77a25dc530c30a399322d0b1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "cliente_externoNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5b3d23d639d12e401c190beb6405635bae800c5c2dadb4d33b5f868f56ff6f32", + "source_records_hash": "77a25dc530c30a399322d0b117e10c888df18b669b9ce9ee98c59c25867ad7aa", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-909a322dbfeadd376e71a50e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "cliente_externoNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2ffd52aa564e41d6bf218cdc193bce2d24fa949fd19ed891b3652ef69dc3cf4c", + "source_records_hash": "909a322dbfeadd376e71a50e065bb1b9fb218b37b210658680bff5f29cdf3d88", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d720b747299e81faaeb40e3b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "cliente_externoNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b63ad7abb62d4e93e7d880e6f60e27a814b50d95f64e40ee5f9d926873cdb1ea", + "source_records_hash": "d720b747299e81faaeb40e3b1863c1092f4bcd65a604333b797eb9980ffeb2eb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-44d20caa2104bb53f85abc9c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "cliente_externoNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9900e0a7a7a1ef07c1a0fc5a0454a3e155b7bec106cc3c9c113f4568ab4318c1", + "source_records_hash": "44d20caa2104bb53f85abc9cfb8a1a2847758313faba8dd9ee3835efe4f8d43c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9c8287168a83e0a06a185ac1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "contadorNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7432f1a7f241728218a9de7fb926682642e5f3671fbcffaf766fe964ec05bab0", + "source_records_hash": "9c8287168a83e0a06a185ac1acfeb38e5b76aceddd36d9fa90acd7a19eb122f6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-858d0225bcc2f5b81d879b2c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "contadorNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "73e718cddc2884d58b9b6d4fe4f93fdb83e793958c96e1a876305450de274d89", + "source_records_hash": "858d0225bcc2f5b81d879b2cce8a82f591cbe4c1252d38bfd705eb7efe74d0a8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-58a42bb0f859a78d3c92c55c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "contadorNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e4a1618a823e27c8223a3046619672331b8dbe1f924f4510fb0d02cee5aaa96e", + "source_records_hash": "58a42bb0f859a78d3c92c55c615bca189706344639a535674872c1449ad1b037", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0841d0af5e756992c9fe0a21", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "contadorNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2dc33f44a4c71919f94292838fc8b4edd986f7da13fe8112c58de59b4e569610", + "source_records_hash": "0841d0af5e756992c9fe0a21d59e78af44b701e1c518a0f8b6d19ddf97727b84", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9cddf320d13b9530dd1365bf", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "contadorNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "07fb26448820f9292f80c879b1748b7073c94f82798d1449f43d87e7a298b4cd", + "source_records_hash": "9cddf320d13b9530dd1365bf52a1284a37eab4b0a8c41472ff8701e8105d6875", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-77c66f38f0b242222af855e6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "financeiroNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f330a1be0cbeaffe860cec4565ac23c50a45c33a3e677f2ce391f59994b2bc74", + "source_records_hash": "77c66f38f0b242222af855e689b2bdb6198cbf7bb00dbb7e8973517f725396c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6f579d768636a7e561843b1d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "financeiroNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6a467239fd1a9940203291226c4e873bac7ea0699d9ae627424071033b4742e1", + "source_records_hash": "6f579d768636a7e561843b1d0da1a1b58b5712569de7eb893d753ee7c17e8249", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5458cf34c8bc5cda65cbf35a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "financeiroNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cb0263f7f0b241d5985a0fe27ee008b66b2441dc89c8e2d9ba3fc16cf4bce77c", + "source_records_hash": "5458cf34c8bc5cda65cbf35abca89daa891e21b2ee2a0d0c1d61371ca66d3867", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e6dca188c8549cca4d50925b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "financeiroNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a8273806beacc9c416ccd5145c934ab021f0ea351a168c4b5be5bbcbf2bb9e0f", + "source_records_hash": "e6dca188c8549cca4d50925bcebcbae23254dd4b36b2d9831beba1db80697186", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a8afb10492fca8704c80ab35", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "financeiroNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4b2570d4b14a3f13ec7931325fffdd10e16d3cea6cc5d541c5dd9f3a055634ed", + "source_records_hash": "a8afb10492fca8704c80ab356a4e149bc58976b902739379983ee1753f88b94d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2a070552dce678eab3912dee", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "gestor_operacionalNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e51bdf3db30ed55b4f4dd8829ce663723aa7fff862d02cf8bf078304f27d710e", + "source_records_hash": "2a070552dce678eab3912dee9135e0f2832ca2077e9a1ff22432b02042c39480", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3d95b5a6c8e609db696cf58f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "gestor_operacionalNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f11504eac6998eb6e4c697caf9f8fb591d5629f9cf4febea0c019c179d120455", + "source_records_hash": "3d95b5a6c8e609db696cf58f05c9e09860b9390ed1f0ede1561940ba83c8619b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d604572e1cc2563442bdcad1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "gestor_operacionalNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3b8bdc84157c8686687b15bb1e48a22fee120e55f16d7ae36a5f342050f17c92", + "source_records_hash": "d604572e1cc2563442bdcad163bf1f03b58bbccb11d319ccc4b5c7ba296d95fe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3b501230522c68b7ab9776fd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ff28782256e8898991c17b39c23beb4d815093bc60890711eab04b81ef5cf311", + "source_records_hash": "3b501230522c68b7ab9776fdec96e44ae9c1e0fa39f807738b173cee2a169c38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-df3bf3f914060604b4e92fb1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "gestor_operacionalNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "04b2899e2f9662d19dcc44754a97dc77e4e794e7d446bcc112eb283335d16342", + "source_records_hash": "df3bf3f914060604b4e92fb17360195ff1c0269b90f7a716a745a9be5ed18a43", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d5231e50701c671e4d043627", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "juridicoNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "10919ca030fbcc68ac627de8970799b3b7a9bf94ecdc88d1fdc03ac48d4ee8bf", + "source_records_hash": "d5231e50701c671e4d043627b040b8650f4af61efbe113b3779718a0f92394b4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f768c488ce1329af74f361fa", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "juridicoNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fccb1f34ad39661549faf088ff7f494611e2253025429d5cf207a6a176bfffbf", + "source_records_hash": "f768c488ce1329af74f361fa5f8cf84f817db95454acf85e4d7560e9a1bf929e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-09402766b27474133cb6ca15", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "juridicoNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "71b2b2a31891fd45638fecfd04b62d449501891d0a14cf47b8765c976cd0b9be", + "source_records_hash": "09402766b27474133cb6ca1510fb8d526f0b39f944b659e70ab0db1a87ffd3e7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-77bdfd2d05d143e1b43c89cc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "juridicoNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "84e1b158467375880562bd9ee36ef6875fea5552dd78205660dca4591ba19017", + "source_records_hash": "77bdfd2d05d143e1b43c89cc6d0cd33870fb29bf09a237eae5034a4ac70dcbd5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-795fdd3477daec12bf268df9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "juridicoNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4dbe1ab96f780403f9417881fcb9866434036d466f27aa6e20dbcc0251fa872e", + "source_records_hash": "795fdd3477daec12bf268df91ff579e4d3d96f490210669563b30d0061bc39dc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-38d829bf8550a00297414ef0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "planejamento_estrategicoNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3daebec6e75155039b95594a9decf973529730588e52f2bac392cdb23f3a6e34", + "source_records_hash": "38d829bf8550a00297414ef0d0acb8c0d04e402d42e41ab1ec6874dc4b724958", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-bf3d234661f4c32f547a3da9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "97d7fc9c512a3e8c1bbfe6a95b06125de1c7a5f7876d712391fc86dfc791baf2", + "source_records_hash": "bf3d234661f4c32f547a3da930051be149ba82114c4478ee585d93041a57a496", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-011d3e870dad6a663d57a406", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "planejamento_estrategicoNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "215e70a31bd3a7fe59f8fe6c26e607e38885aca4f131195cda86df95fffad271", + "source_records_hash": "011d3e870dad6a663d57a4062c79d65465e2ea96ebe7a89b25a4e6591405694f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c3dac11f099c50f56cbd5d41", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "779093e9aec502d2939a7fdc4fc7334344a2de76e970c760119175d620649f0d", + "source_records_hash": "c3dac11f099c50f56cbd5d41219dd058fba77c7ed6ab26008b78fb64dddcfc7c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-04414f3a32615914131cdfe7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6381d75cdc7de80c504035fa7b8f908753de6932da38afbdc0a3f20920bd9f8c", + "source_records_hash": "04414f3a32615914131cdfe7c119368ef2ffc3992752bc0a51d5c6190d1e41ae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-94327b22b2779d5bff7e34ed", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "secretariaNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6fb6862b99bc96bea339eeb8cc1e08af84b6fbec6865db326a331c965298e06e", + "source_records_hash": "94327b22b2779d5bff7e34edba1c334cf5f18c2dc1fa9459e7558bf802acb180", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e5ccd903b386e7f6092a222f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "secretariaNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b7edf141f565f617cd99dec34a159d2f18c8d676ba8a3d3d2d77ad64293d1a68", + "source_records_hash": "e5ccd903b386e7f6092a222fe6588f1c9dccde4df0068e1c52817275cdc1d83a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f5eeb9ab56584cedf7a791b7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "secretariaNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "233f6e61ac88f594dc17c515d8bc3954d83311311a2b07165c7cb5704f3127c2", + "source_records_hash": "f5eeb9ab56584cedf7a791b7480efb40df9508613990ffd1113de32b8e33ed64", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-58032198566c033b5de75fbb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "secretariaNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a981fd16bd6be989f9ecd421c2d5df3248ed81b296f66ebb167745f9de11282f", + "source_records_hash": "58032198566c033b5de75fbb55dc3d57f1522092b3cb83bea7ff6b3d0f8761dc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-df0a5ae289519c87f07728c4", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "secretariaNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "729aa9243edc868c69bc2f2ecb385b414562ad8a27cf5c802c57cfdf32a51adb", + "source_records_hash": "df0a5ae289519c87f07728c4ea2f1d12dcd1e93985bcfb1542f346c37bf67942", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1fa8898366720c482f82fff7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "suporteNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6318dc03222f2864130a37a7bdd48e8c61f9b020a37a4841b7da10e5fbef3ec9", + "source_records_hash": "1fa8898366720c482f82fff7a6c44da217b229b71fa91f303127a60aff640766", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c7611284f17bc637034ed238", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "suporteNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f278017e3540d27bc98189720db3c0a78916d81950ab769b936ff2d45e82e4dd", + "source_records_hash": "c7611284f17bc637034ed2389ff7a5133fbdc737272a973c0eab6616672cd75c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-96fc72ee34aea135b9977c69", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "suporteNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cddf634de76febd0852d69115f18f58b37f075798442013ed9fdd53ade726120", + "source_records_hash": "96fc72ee34aea135b9977c6919af97387e5f4704b067b7b14959e3e071eb8848", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8640a02eec804a6a089146f2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "suporteNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "37971583e904f61b2b7c0f2a7a99718d664d47b9f2326c3e84a056718c048cea", + "source_records_hash": "8640a02eec804a6a089146f282831765410e1df957567139e2e6e9069fe0fc13", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-727437b36d4b9a4df558d3b5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "suporteNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3f275d42ab3f14b4dcce3bf7b2c7db60dc65b67c37fa07a6e1c62a7202f85211", + "source_records_hash": "727437b36d4b9a4df558d3b556adbf3e6753353273073301c6a7a83af4b300f2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-86645cd7102abc63bc1ccc20", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "tecnicoNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d2524ff242095228e7a5efcfbb7aff414e9e776ea6868daa58cdc6112943de43", + "source_records_hash": "86645cd7102abc63bc1ccc20be087a9c594c2b9bf947ee6916219a1d90d3361a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-59883651fb5cb75143e610fc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "tecnicoNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c4c4db569e7dca029bee1c6c3b449c1a9e4f2eb4bd2605bf3221049585f3faa3", + "source_records_hash": "59883651fb5cb75143e610fcfd7718a52054f08bccf66e4cdd02ec9f40b1a39e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-05f0ea8b86519dffe05a5cf0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "tecnicoNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "276535ac6c566775433d4c93c16f3054165df244156cbb29740e2b4b10e43761", + "source_records_hash": "05f0ea8b86519dffe05a5cf034b2f55d50c9efec3379a6f07925d5c83f8f0778", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7ad64f7c4a2682a2577d2025", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "tecnicoNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7d505d646242663f0831edbec3b807164bf94b5978d6e9fd01aececd5e38b3a8", + "source_records_hash": "7ad64f7c4a2682a2577d2025d66cf46a432beeec249a16cfd796d3807a731167", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-340843819c215fff8d5b985e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "tecnicoNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "36346551d047b18fb1f7bf32eac97edae960f2fa74a901e65e7344c63f77d21b", + "source_records_hash": "340843819c215fff8d5b985e4ea580036d76805ff98dd2e7832ebaed5d19383b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-20bf6594a2b93dcec9180142", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para gettys/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "usuario_finalNeed", + "acaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "745aa69a69925f2dd3007a5656804b0fc213362afa33d527db59b319150cd909", + "source_records_hash": "20bf6594a2b93dcec91801423b4e7647659a558c27873a6401de4fb265a65df5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para gettys/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-fc99fbe73e29bffac08aeacd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para gettys/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "usuario_finalNeed", + "auditoriaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4367f25abc243a6025a430d3f2d146063bfd6f99416f77bb6bdaf4f0f51e01b9", + "source_records_hash": "fc99fbe73e29bffac08aeacda57eb52c3decc23c91c31e51db158a1dfbb94f41", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para gettys/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e32bdb644ccf4491c28ee070", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para gettys/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "usuario_finalNeed", + "consultaState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0b0aa1450cd3dd361939178b350adf0a6c70cdfd481fcfefab7adba541e64633", + "source_records_hash": "e32bdb644ccf4491c28ee070f42ebb776fa7f6c581250004e83405e7acc10d04", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para gettys/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b22b17776cb3cc1b7d39ec2e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para gettys/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "usuario_finalNeed", + "diagnosticoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c13bf5263bba1cd128590e8198341793c100b5cc582743fe0798d9fc0c605191", + "source_records_hash": "b22b17776cb3cc1b7d39ec2eebc31fe218213e79af0cd5b8c89705f9b0d47c71", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para gettys/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4c39c4bb51b1b5307d788fd3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para gettys/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "gettys", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider gettys via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "gettysStatus", + "usuario_finalNeed", + "explicacaoState", + "operationsGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "gettys.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d004b189f5b39c142fed7c2b4ce2889b25b623c1169d9935e883c855dae7d20", + "source_records_hash": "4c39c4bb51b1b5307d788fd336caaf5b16e7b1ea4489186358dc2af8de6760e0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para gettys/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4dc02904b772d72785b85b39", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "administrador_empresaNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cc5b75c26ea7fe1fde0127788f000ad33f1b544cd63ead2476f07436547b4586", + "source_records_hash": "4dc02904b772d72785b85b39a3a7cce10f918e1973cfc2fbe2e6a875adeefbfb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-da1ef5ca4ea37101298439bf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "administrador_empresaNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "be7fba2d30ffdc2344b685491f068650551ba4a8b746ac35ff582b3736bb9931", + "source_records_hash": "da1ef5ca4ea37101298439bfebb257d9b9f6449496d99f820b540af78cd0e6b1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3e5363ef34f5582d02d902f0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "administrador_empresaNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "815d22e81c85c522c52b052e2547d8cce03678629bdd29eb93bc08a25084c58f", + "source_records_hash": "3e5363ef34f5582d02d902f091b233ec6b64c908af79e64f27790ca0ee5f3eca", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-01da00d8c640650b428b0a9b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "administrador_empresaNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8c22ad5acd4151f1b13bdb2832612495e451ea15de6fde9ae50dd2d6127fc99e", + "source_records_hash": "01da00d8c640650b428b0a9b3f700edf57fdb6b19336e3fbec8b9b3a18100831", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-befad8975ae7b9df70d0d3cf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "administrador_empresaNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7f117a5a4a4ac1e8571cd6e237a880f755a57591cbcb636fec59cac8d8154f4f", + "source_records_hash": "befad8975ae7b9df70d0d3cfa180942baadd620ea91cbd7697f279104ff45211", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0bf435d17a46773aeb0064e4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "atendimento_clienteNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "825b57ec5afd1bc4d8c821cfaf5ffec076d1e3be8ac18ad7c5eb1cf1e3fc8dfd", + "source_records_hash": "0bf435d17a46773aeb0064e470a1d665144b5dcca86f1e26450d171bde69aa2c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-006dcc2fe482730a79d747cf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "atendimento_clienteNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d5b5b5652df67f95f84cd01f0234d8cde6787b7a075d6b634c222a9ae28f2816", + "source_records_hash": "006dcc2fe482730a79d747cf13a98f469a400b1ea8ad14e64f401bd16f56e225", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1004a476fb20e977be59f5b3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "atendimento_clienteNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3f1ed2943d7e07d23909390a50332f93c5104999b34fbd1e41fcb23ef29a6194", + "source_records_hash": "1004a476fb20e977be59f5b342ad1357e46f8f94267f2cb17051ebe0eb0a1da0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8d356f4a0dce06848480c5de", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "78791f60a1f25fbcad4ab06cd7a8bf1da9aa07e3bfc10527fcdd376563c7622e", + "source_records_hash": "8d356f4a0dce06848480c5deea36f696092350128c17b8b26dc908d430c1e6e7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-321ad6381d4bf570d3136018", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "atendimento_clienteNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f5a3be5150c6d0e26e5df3e5a673ad0f55b338522e53716620495a880ab4544e", + "source_records_hash": "321ad6381d4bf570d31360183af1a06bddb38ed228a4512b14c76b8edfc8130b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ac33883476d87010a6cf5ebe", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "ceoNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3bf4ac3c875a6b66f715203dd1495641c248d7f98ea8046097b22b93b809ecd1", + "source_records_hash": "ac33883476d87010a6cf5ebeffe629ce9ebd0d8aff07827ba58ca794099a04c8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-13b66d3b020af13c5ad62780", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "ceoNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "eb69ed691c88473a9dc7e426d6cb75d62237eac7d772135a126527d1bf6aaee1", + "source_records_hash": "13b66d3b020af13c5ad62780252d4685dfc44756009d6003862d255b8988b695", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fe1cb616738318f6c49dce26", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "ceoNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "46b6023a30fd71a9ff7d54b06805a9a7af59a4622500123dac156661a93225d5", + "source_records_hash": "fe1cb616738318f6c49dce26e74b9d2662f76d29fe41c28ca9c85f13baab01e0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1811f0739e2b978403f424f3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "ceoNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9825072b47c85f5a6bdf6530c45ff00d6142595aac937e0783d26b4f6dd324f1", + "source_records_hash": "1811f0739e2b978403f424f3ced9c64af524db37bbbaae590f4c68efdf3101b5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3eee024d970981ba1c7da889", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "ceoNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e9ac1ab75ac540a931b1bc97bddd5eb277663e081d0aa6390348028566aa864b", + "source_records_hash": "3eee024d970981ba1c7da8896f15fda621e04d6d99544c0ad6a9783834d01f71", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f786693279aab920314e158b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "cliente_externoNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d0625025450874cbda73ddeecf1dd2b89c0dc9b4351278f79381f244bcd9ccfd", + "source_records_hash": "f786693279aab920314e158b7a5ccdbfd7bc404f327c046f8e771cca5f73b9ee", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e33ac64480b6a2417509ef9b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "cliente_externoNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f29a7a16607d2498049ab40a51086215cfde9d98b5d962238928924cd4ea6e76", + "source_records_hash": "e33ac64480b6a2417509ef9b483292b246858ee18b95d90a1f08217724b3533a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7f56faf92b895123640ffc02", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "cliente_externoNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "144ea493098e01984e07765aca75f21d25e138d3bc037d52a6e966da9702aa21", + "source_records_hash": "7f56faf92b895123640ffc02c0a9bffb0ba7f15971a043dde03f49fb42757dd1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0b10356d8ae58d79a38c2833", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "cliente_externoNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "079d4d7b6f43ce280fed3a8b04ae38d62366a1768557e0a5f8238fd47def60a2", + "source_records_hash": "0b10356d8ae58d79a38c28336f30a17216dba4df9d8aa77e8f8a55c7b20837b8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4530c1a8e33b231547fdb89e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "cliente_externoNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "03b3e619122bfcdb9e9c98c72eac1508b9910d911d4ca3333e085d18f2bc35e0", + "source_records_hash": "4530c1a8e33b231547fdb89e77352508835cbc2ca5355111b028ef40228cc407", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-69085c673f4b4097d228d7d9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "contadorNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8cb3e701cd7f0e3addce13a90ec2e502013c93b2c7ba90f87346cd89ca70d90d", + "source_records_hash": "69085c673f4b4097d228d7d91a4865a110b5ae8a3ddb199928c6331cbf4d3dd9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c7205ded04028af09d882bba", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "contadorNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ba2a3509cddfbe15ce7ef6af4ad6e68686a025e125fd9585bd1bfdfe0b14943", + "source_records_hash": "c7205ded04028af09d882bbadd720fafa14eac34d7f88a2565f28715c07a7245", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f575a8b45c0e7eb9327362e4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "contadorNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a26e300aad4c9a9ade661b908b3a7eacaf27c7c53eeba752fdbacdd445cdb4fc", + "source_records_hash": "f575a8b45c0e7eb9327362e4e6e573594f1d743350790036c9439a525f65b2c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-278037569d638926352ced91", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "contadorNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ba9fdb8f2eca4f3df948da6d1b26b57e91b5f4eb89837c68f9e8e0327e53ca0c", + "source_records_hash": "278037569d638926352ced9112b74b3741ceb21a98f9798e7e0f2a00e72f8866", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b4461c22e62ceb76791fc55e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "contadorNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4027c65f254a5ab1c1fafcdc84c854fc4109d20f4af790f47110dcf5645690db", + "source_records_hash": "b4461c22e62ceb76791fc55ea03613435c4e62641fbed66b1dd02973c51caf85", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4f88aad7a1314b20adedf0f9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "financeiroNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9318d6eb45b879e86d177a3ab0576378cc302995a5214b6af3f781ada84408d9", + "source_records_hash": "4f88aad7a1314b20adedf0f96c44665f3ea552aa5b083a03b5c065f96b4bb357", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d22a7e4f0b703db7da643f66", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "financeiroNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d92cb804a6b3bb2ef9bbff01c19e969bc9cbe7d782b109f5974289e70cf94fc3", + "source_records_hash": "d22a7e4f0b703db7da643f664257ebe1792018c8f3f679bb444c9b4cb0bb9bc2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4560a5ac050bd57a423e27ee", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "financeiroNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "568d6110e8cd7d433d8248e98261b9b9e8a2f3a54ee7557a31b81f6f89b4e13b", + "source_records_hash": "4560a5ac050bd57a423e27ee84017bde94e59cd4ad79f553b35c994973ac9f7d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-61bbd728827f02caa67d6c53", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "financeiroNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a4939e22e9710b12f86b25b4539bd0758e011f42c37384a39b8decdd8f82657e", + "source_records_hash": "61bbd728827f02caa67d6c5358397582377978e765ddcdf270a4a18aeaa82613", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a2bdc0e55bc0477399849334", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "financeiroNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "13667b05c2e711aaa7093c38250fe401b252e90c18420883357bb627d9be5c6a", + "source_records_hash": "a2bdc0e55bc0477399849334cfd388ef163f025cd63d038e22cd2a83501b3883", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-40556d0a41d3fdbca8fcbad2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "gestor_operacionalNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "560218129d96e6efc3da18f7d7e56794d5554cd5a1067ff6ce360c7c68c0caee", + "source_records_hash": "40556d0a41d3fdbca8fcbad2ebffc40bbc45f41df057315e128b912af34fa3e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1e0d415c0bc1d7e0a3644902", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "gestor_operacionalNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "072fd16ca47b7e8e5f708945fefd0aeb608ac6961bd6146d1bf32bd684efc9f3", + "source_records_hash": "1e0d415c0bc1d7e0a364490207ae809f0dc0f1a5e386b4da7d0beac25a44c746", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-eedef3c753e8b724fca478b0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "gestor_operacionalNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3211dbfe06f8190530f09f7b64d1b0dec88790f0a079aadc54275785f9aff6e3", + "source_records_hash": "eedef3c753e8b724fca478b0e0be04438c282153e12199ae6d0b18bd080d20f9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0b2e4b9005b91904bb8df555", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "52016df1cee96226dcf41187299e605b01d15dffcfbfcc144deb59740838e008", + "source_records_hash": "0b2e4b9005b91904bb8df555d487e4747cd7939e4dc600bfab9981f0aaa0ff01", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2524e76e9ebb0d8ada4029c3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "gestor_operacionalNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7fa7acd6cafc20eef0465bc713507c333e2f4d0baf90682d42e73e94d81605a7", + "source_records_hash": "2524e76e9ebb0d8ada4029c31b76655b5fb2ddd6e65c0cd5396253861537f6b5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7dc304656c3a6625bd9a1db6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "juridicoNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8dd8605da3d3e4aa931d7cd6d6280c51497b0f536c5ff5f7d542ece4d457ab3f", + "source_records_hash": "7dc304656c3a6625bd9a1db67d6b03f079b038f458479467c1e5743bd617d5e9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dd607566444c58d62079882b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "juridicoNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "893417f384c71e58e956ffc81269a7e2cb89e85175b2e15912fc4e13361991d4", + "source_records_hash": "dd607566444c58d62079882bedde81be65fdb2b75c5d181b63ba70eef7a19d8d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8e2f32b43bbdb0e609644e1e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "juridicoNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "03bf6f1148cc0e71954df4c03b075ee604c2b1267a943f781acd86d61db7bbd6", + "source_records_hash": "8e2f32b43bbdb0e609644e1ea2b7d024bb56cf8a40959308f6901a2c64afd8c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e4a5641bf3345306d74aa4c4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "juridicoNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f44fbee25c0afb77b0d765c6d92fee68eaf5c2d0fabe5e96f112a21f03629fc3", + "source_records_hash": "e4a5641bf3345306d74aa4c4e5b00660e24be4e4753cd25b668247721f309654", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-144e72deea9ee28826f57f60", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "juridicoNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8e015ba7588e9ac8e395b2e6c99e4272933875d7c45dd4781345af71c011433e", + "source_records_hash": "144e72deea9ee28826f57f606582d8f4efdb858d901a389b17cf74f0b31c5db3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f18b017d7fbd2ae64c2eee19", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "planejamento_estrategicoNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c38c97f3cefeadf3a9081967e275ab8dc7cc3e6186bff476171ba18eaa207509", + "source_records_hash": "f18b017d7fbd2ae64c2eee1963ca5727e82d1a2a7164aa721b7245e4dd5fd7dc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dcc6021bef0055221556da2d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4dbc89b9721238d7a28dd71bc377709f9632f5b90f7044b675298a3b78aa9fe8", + "source_records_hash": "dcc6021bef0055221556da2d6080344415d96cebbcc973d3c336d28c87ee2f02", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-585a1feee847a4498d471fb9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "planejamento_estrategicoNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d5a65ecbb273f914d97411fde09ae0030acaea4ef6be4e7e09b30f490a921d80", + "source_records_hash": "585a1feee847a4498d471fb975946cad471fe4c89eaca1ab014f41d24ced696a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b3d0145d29e7557c6c02b422", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d60ba2469db570ffd2f2c2b8ff847113f958d45a2edc4af977a296aad2a51d64", + "source_records_hash": "b3d0145d29e7557c6c02b4224fe2e1689b78b05c0ddde5bdab8ae4b249e8de4d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b5fb2d19859b44b18a802ba8", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3e19ef89c9d01f8ef8c66ae906976c6973f1abf91cbe9fe433ab200ebeda9ad4", + "source_records_hash": "b5fb2d19859b44b18a802ba8e711e3db0d7b9f36e6465b6d0668b8eb01211dc8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c32a37aebf3a2112dd170ed3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "secretariaNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f1bb3076f160fd25f5f329299867b3ae5cf2b502ca13f2ffacc0e112fef9abc2", + "source_records_hash": "c32a37aebf3a2112dd170ed3a8532ba774a8cc06fac30290d9c391fa2e2f19e9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fa9a05f5dfe7936ff0e147e2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "secretariaNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8ab6f4e885d5eb0466c2c2d159eaf9a8e08d2df3a344af16489a6b31670fb426", + "source_records_hash": "fa9a05f5dfe7936ff0e147e2607932612d2b2e9a336019f089d7d589957e4d10", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-13383f8f820f52c96cda525a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "secretariaNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "31a283ca1ca174ebc6c437fedb7fb0ee09b2b0431e56021b0718b30c977d1e55", + "source_records_hash": "13383f8f820f52c96cda525a16cbd4ce232e53b1dfff7ffa4f8651b641e788d6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-70d96fa84f56c71822f9acdf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "secretariaNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6da3bbb5bb32eb547aaecb8fc373002b872ae10373a83297912c62083afa3c38", + "source_records_hash": "70d96fa84f56c71822f9acdf5db804a0c3b432de86ac8abf682a90923de2bf1d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-77088beb55f58f40cca994cf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "secretariaNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "89d1ac5427f2d9cccdf332dbd021760c7ac1ea271edba6a1593d6d9a7c056fad", + "source_records_hash": "77088beb55f58f40cca994cf976f042b60af466783149d81189403d180430de0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d2fcc1811f030c1345b4f619", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "suporteNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6c30c8bdb99a95ebd3f06c25106e05c74ae4a6973ef79db5247ae16f489de541", + "source_records_hash": "d2fcc1811f030c1345b4f619b819f5b10e90686cb4b7f9a903af5614f323d5c0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d2f73bb5280d8dbee8e58268", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "suporteNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e4baefa88a4a3f936c763f3f8db3db3cae5f34b0c134d38715dd77e81eac460b", + "source_records_hash": "d2f73bb5280d8dbee8e58268a44f3541b2a4f882c269d760a82f0423bdebb9cb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f9e103968510e03fbe5bf8a3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "suporteNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7515b9954fea5a461055c99205efb1ff0e6f7af1b5748bbe3a3dae7cfb35b435", + "source_records_hash": "f9e103968510e03fbe5bf8a3cc2f8db98951b392a202a586c2448c5ed8235c61", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1265e85b94d7619c5436764f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "suporteNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9164eeebd65af1fb5ebfb1acaad204ea7d6aa90b5d0e5cde0879877ec502edc5", + "source_records_hash": "1265e85b94d7619c5436764fe95ae068dfc7ea3aa1a666661acac13b9ac101e4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e69ba1fa120172f4213f589f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "suporteNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "230ba24f3f79784badb296087f3b47cd711976cdf4249e49512181912d05a004", + "source_records_hash": "e69ba1fa120172f4213f589fe602f3a6165c4e2344fe3022207eda1bf3ff3586", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0f3801c56cb4b08f947092c4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "tecnicoNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "689df4601c2f5f850a27571f27a5f3a12496472b30b4816806b83cb2c1d0db54", + "source_records_hash": "0f3801c56cb4b08f947092c4fdff1227bcb3b9439cab320394946eaf864a44b8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-31c413b0232e71b4710e6327", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "tecnicoNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "89e30186ca2b65c8c534aafc7fc904ecf71b3d187c4bca5658efc9cce2ab79dd", + "source_records_hash": "31c413b0232e71b4710e632788f3845675ebd2547d7a86f37c51723b167dc9d3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0c7cde9a47075cd3abfd2fe1", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "tecnicoNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "489565f2b4b727603ccd54661436232c0af53fc753db4640f7224009eff2abf0", + "source_records_hash": "0c7cde9a47075cd3abfd2fe1da70e39171d3afccd96c260b75f87e0074ca08c2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ce0375ee4b7b18900bd669b6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "tecnicoNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5a189035276dc15d6546bc3f8a1de94ae0ef3461cf89b47da5fc90c264841970", + "source_records_hash": "ce0375ee4b7b18900bd669b64302f46bccc18a15c4e0b97876a7c958a199ae12", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c6c0b7722280588a9ace78a0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "tecnicoNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "99ef9db9e79a1201b931046ff734e9022bb53708d6072ce1c6ac95f9210bf8ab", + "source_records_hash": "c6c0b7722280588a9ace78a00c6cfb5e54bd24f84ec98779982c7d8760aacd4c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-62f0e127eb35ae8c1fb03f70", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para identity/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "usuario_finalNeed", + "acaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c369d388c66adca83440ab6b935fd5e57fb5d0df7f24743730a72ed2f4cc18d6", + "source_records_hash": "62f0e127eb35ae8c1fb03f707b1c30709e02382d63a5528297d66a9363b2ab02", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para identity/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1491483488df118ee45f5dd7", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para identity/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "usuario_finalNeed", + "auditoriaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c6a3ff55803c03dbe2ace507ed58126c718f833a06dd94b40ca101c6a07f6949", + "source_records_hash": "1491483488df118ee45f5dd7e929325f96754a076fe295eedbe84ae1f87bbf2f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para identity/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2b914cf3641b17869bfa4ab9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para identity/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "usuario_finalNeed", + "consultaState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3f53935b20ac51a1480fd99f4f8ffd1240f3c6af49d26c4c80fc83352447a733", + "source_records_hash": "2b914cf3641b17869bfa4ab95fa5c22aee3319c8b030f9d639d7ecd13772cca6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para identity/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d8711be668a97f11c5a7380c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para identity/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "usuario_finalNeed", + "diagnosticoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4a06b28f99914a17eb15474289caa51c8cab9c617ba5929eb0023fe6f234b960", + "source_records_hash": "d8711be668a97f11c5a7380c7d8f134d22fec936d3f9e4ee1852fafdb9d30f67", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para identity/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5f0921c673c81cc1ac321ef7", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para identity/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "identity", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider identity via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "identityStatus", + "usuario_finalNeed", + "explicacaoState", + "securityGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "identity.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d7a0d86055063c3b24f0dc00b759b2152ac01773a87b8330ed3ea0ad7dff28fb", + "source_records_hash": "5f0921c673c81cc1ac321ef70bb0f608d900242861a25e5d15b1d3c17d93deb6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para identity/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-71748ec665af126c10b797c8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "administrador_empresaNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "238ef044de01c45e78fa69e73c97bb4731f8592a50019a1c5b1f716c78da497a", + "source_records_hash": "71748ec665af126c10b797c82b0fc8a4ffc18b95e61d875632a61b2da5654c66", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3de077a4e3cad9654d7400b8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "administrador_empresaNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6895347f5bdc299208c1f0a9b4fd5aeeae18666d8cf58e192a1d672096facdc2", + "source_records_hash": "3de077a4e3cad9654d7400b81442534e5aa8c2d8515f916b766dd8231f9a4cfe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8f53890e9662038851171eee", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "administrador_empresaNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "792dc7806959395d7878d20e51407954e62624658e9b710db277886bc76371fe", + "source_records_hash": "8f53890e9662038851171eeebb3ab31785ef5019a78d173b354dcc4addc1f715", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7c3d71082956a95fff719b88", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "administrador_empresaNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ce1c632e559b3bc5e4aeb2d09eca78e8130244c296d91cc8357ec3cedbbe66ac", + "source_records_hash": "7c3d71082956a95fff719b883f75938e58edbcd77c4007fcaa4164a0d9663dbd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-54c5e6268ed987fb0af8734c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "administrador_empresaNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "76cff27f5467a4b4ba0fbf2de1eaf57cd7f5e57216b610844607a3ec78b4a29f", + "source_records_hash": "54c5e6268ed987fb0af8734c9841f3986307622e13eed0d771467a51e1f52289", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-96381c4e36a716a67b6c708d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "atendimento_clienteNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ef1d4da5c77aea3fbff95ef686cc6838e8091003d79e255dd1aa255e66f54bf", + "source_records_hash": "96381c4e36a716a67b6c708db21af8bc9c112aba831b23f55f906b3588b6d052", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e0e493914892c32cc74a6dab", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "atendimento_clienteNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1ee0313217f96ab3c8608d5126892b0914e9ed7c2b270b0b0c29a37e97f02211", + "source_records_hash": "e0e493914892c32cc74a6dab0aea8e5c34fd174758a5ff0d1864471afb3d94c3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-de0b904c230ebff3c1ab07d1", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "atendimento_clienteNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b8fb284304bd0a39d2baf43bf0d8b8dd1b9b54f633ecdf805d5f48133dd5610a", + "source_records_hash": "de0b904c230ebff3c1ab07d18c6cd88c92679a8bf99477f3a76468595eb11981", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ae2680aee85f10cea512891b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e15c5b29ae583edd8c499c7fd56645dd90588b18b6cadfff97cb2b35c204821c", + "source_records_hash": "ae2680aee85f10cea512891b6e43d01296f71d8d80cf47401a3c8b1764179ec3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8c4c77de81370500e1ede980", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "atendimento_clienteNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ea23021e3f758adf0581143a6f48ed50e4a2fcd49aa807b768a8eeb33117324e", + "source_records_hash": "8c4c77de81370500e1ede9801142de9cab8bb6386b434b9e53e80776b272e000", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-48c50724541aa215fd8d763c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "ceoNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8221c5b1c30c604ed3b2068ea34174f77c5c0f7c4c3204c082869de5ec7bc8e3", + "source_records_hash": "48c50724541aa215fd8d763cf8087a2fab77476eadaac60958650199f83ea200", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-80de1ffd669c9da1d6de38b8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "ceoNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1a29e5a01a0d808c2769ff2fe13768253076c8913924f3dc46c5d3cc2e7c4004", + "source_records_hash": "80de1ffd669c9da1d6de38b82c335389b174ba690a5fb8a58c48320410bf2c19", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ae35c606394bc6bc91029f13", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "ceoNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6e744df3be0b0d8c1f1528d0b2e44a2ab57e17f456d2b74c3f3cddf327ed6901", + "source_records_hash": "ae35c606394bc6bc91029f1372d9a02c095ff51f80b0fab4fabe23e10e240ca1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-604df2ef6b14d00ef7c8b3cf", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "ceoNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "712dec8ded9ab420904359951da63fe612485bf3506361596e6e4a52b8d05690", + "source_records_hash": "604df2ef6b14d00ef7c8b3cf403258c04c453f1557a4ec0accce850c3f520e60", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-366dff8a1661d9bdc3edeb98", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "ceoNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "752ba58c728fe4d51411cf08c8359bca1d71836b94baab96f31624db4bddc68e", + "source_records_hash": "366dff8a1661d9bdc3edeb98ce532e47f9b273dc3faf39321d12edee18a9c30a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5df244d34e4246ce34b5e4d4", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "cliente_externoNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0fd3c565d6b3a2c842e3b94625f2f81fa7d572c43d5823861305c516300f5ed5", + "source_records_hash": "5df244d34e4246ce34b5e4d47e7c0670edb2eefc9dcb42912ff2d3e95ca2f748", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-72995a713a20b24f6c67f28f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "cliente_externoNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a1f961d6e65d9fd084a2949864258ea771091fb8e7381d37a436c55fb37114dd", + "source_records_hash": "72995a713a20b24f6c67f28f2e82d84fdb9221836968a7fbe5d1835dcf09b430", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-832fc963fbaa5ec8fe75f6d8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "cliente_externoNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9598a171fe3d7b50d000f9802b4f28c4739dd2e1300e4d13f6b7e3954f561271", + "source_records_hash": "832fc963fbaa5ec8fe75f6d8f2af1f330f95c8ae33bc38be57a18ac2a2da0fc3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-364e7321b8725a0dc884823c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "cliente_externoNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "96120816d0e677d2de3061f88555aa5ea0292434b67a548ea2f28a89f4fa990d", + "source_records_hash": "364e7321b8725a0dc884823c877382a01da866129aba97c12667243c7c063114", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-592878b1e05324548d78e0d4", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "cliente_externoNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6d27a998382e68258b560a6c7c54e94d7bd0e6f67892c4d35aed6ceb3f5598d7", + "source_records_hash": "592878b1e05324548d78e0d42f71050570b28233219051c61b813f55de964eae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dc43504e86c65413e58fda36", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "contadorNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8d3a16c75996349293a03cdc8ccfa8c52497762776b0e70289ed8ffbda86518d", + "source_records_hash": "dc43504e86c65413e58fda36320a27b794b00fd78627f96fb8c6d4453c3f0ddb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d06b0cef56f8457b77ee607d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "contadorNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "361b3e3c339284d2836acc447ed26a048607476afbdabd571eb210f8b9ac65a8", + "source_records_hash": "d06b0cef56f8457b77ee607dcc4af8c3b1a51b44e1cd33d92881e477234ddc39", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-df99a462f4a34fae52b85dbb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "contadorNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d275595e38437c6face4cc4f42b7f97a20231b7e34555e9433a2727733f701ad", + "source_records_hash": "df99a462f4a34fae52b85dbba4838468d95a66f3076640519568871370c9a1ee", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-23a969f1068b35a27b37a60b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "contadorNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7ab8582100d1cc0805f1a0f6c730d5bda71a2bd510932e9e815249f9364dbe61", + "source_records_hash": "23a969f1068b35a27b37a60b0e036c63e340da4656f9c15f0cb0451a7ce93642", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-98c8ced87e583cdda0f22e6e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "contadorNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "567cf3ce42f8919b78fc19075e26404dedb0225436065f21ffaea17a2fe144af", + "source_records_hash": "98c8ced87e583cdda0f22e6ede378cbc2787338984cb2d3fb7c00426f78c7d00", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8da7afb8a01d4cf05680ad63", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "financeiroNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bdbdb418289b9fafff195a9415d09b03d296ba67e3d336e1441b1686e167141f", + "source_records_hash": "8da7afb8a01d4cf05680ad63aea47ef99faa52dff9a15d09e321f8aa88611d23", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6db1a36922cb406c950cee41", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "financeiroNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "677a055b725a2cf09999a281ce79e1aa696eb21999b337b81d2e6d2b5794602e", + "source_records_hash": "6db1a36922cb406c950cee41dfebc7bcbafcfb82913ff74f2df4a2a4f89bc371", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3ff92967f7bc51e96311abec", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "financeiroNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "51c7c3b67463962a40f07f4c6ac3ab7323d7cf89585be0d7447be925c903098c", + "source_records_hash": "3ff92967f7bc51e96311abeca00e483b96d811904739ab89f4cf4572444b8be8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-55b9b3fb3bab2823745baa65", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "financeiroNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b947251b143ef603c2eae4a817ac661a3fd1b0a191177faf43554ddd9bdec401", + "source_records_hash": "55b9b3fb3bab2823745baa65a9270c10e3bcdb08fd1ae891448dd0bce78f652f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8b62c883ef19765e055c1d83", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "financeiroNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "180463bb08a2a9d31b529698070ab14662089b79627effc006b7c0bb55ef42ad", + "source_records_hash": "8b62c883ef19765e055c1d837bad3b29c288162762770def69de0f4cc6434dc0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-515b6a3bc44541087a29e224", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "gestor_operacionalNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1531c82b0c7bd5384968660389f7f87788a21e5cf6713ecc78589444eb16f14e", + "source_records_hash": "515b6a3bc44541087a29e224f51b0929a2ae0f7856659b50334cb1df6aeec1d7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c2fe0a91f3e35727d4f91c6d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "gestor_operacionalNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b02cd801cfc03bf210764fef03eba358d630fd96ad12c945ab375a91a486f9ed", + "source_records_hash": "c2fe0a91f3e35727d4f91c6defde3bc2cc27651c74293e1c89b5a8d8f8516aa6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5419f13ec96212880bc21cde", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "gestor_operacionalNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bd962027185db0301f39c7d37a02fc887d1d73d13543056cc4744f06db0e6054", + "source_records_hash": "5419f13ec96212880bc21cdec80d81f09d3ddc5c1cfe2a484714582eb160a53e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6fedbc1b8d02cfdfb70503a3", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "42ad8f37d20cdbb00aeed070ced28a0a53ba364afb905d9407acadae235ded34", + "source_records_hash": "6fedbc1b8d02cfdfb70503a35799d5d53f7741819ee90b6048502f1ebfd11b0c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-47d4e5117965d3f86217b32e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "gestor_operacionalNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ee85c42c9a9a49de8caa1775e20e0dcfc4050b35efb2223bddf99b0161f24fc2", + "source_records_hash": "47d4e5117965d3f86217b32e017aca0591ceb7b46d3b6d38e729b7b6f91dc6b9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9e20a3b04b9903315c6a0593", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "juridicoNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "02e215dc882a30c24b15ccaa57f0386b9c4f9a1d245d6b1c537a364e34346d3e", + "source_records_hash": "9e20a3b04b9903315c6a0593c0a94f5e4ea4cc1d4a8906e1555bd99ad186726f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d4ddea48892e181e5fd414fd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "juridicoNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2496f8ee8c9a387a578914022a388c97b5300b9589cb22e99458f5f35c925504", + "source_records_hash": "d4ddea48892e181e5fd414fde27d5a5ae6ade49afa4336cf980d8c8d87a86d74", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1262901d3e2c96090944f917", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "juridicoNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aea1a1d929b175cb53125477a9139665b1b150ede73a888000d9f84bf3be7928", + "source_records_hash": "1262901d3e2c96090944f9171278f844ca4e3abd6bb3952b7705917a72396e4b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ced9a5325468ea24ca05ae0f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "juridicoNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "be5e2e6af03e5ecdc39e122fe1e1bb5837de240320c5493a015a026453e471fa", + "source_records_hash": "ced9a5325468ea24ca05ae0f602613e60143cb36f1014ae7ad5cd5a5cf017387", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f76f7bcfd159d1b877f1ab02", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "juridicoNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8512179c6e63b243e435ca8345ecbf51bcf8d8606ea8a0c7e62c83e2871a5a55", + "source_records_hash": "f76f7bcfd159d1b877f1ab0202c30816eff8eec9a669f6fb8384837cdd7b40d8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-93e19c1c30d47cb0f9f05dbd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "planejamento_estrategicoNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cb89200db4c96bf7154f75947969e0cb974c0bf564a846765a6406fdd589a277", + "source_records_hash": "93e19c1c30d47cb0f9f05dbd372c1c8c7754784027f08dd7c4bd46edd7bd025f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1088c421f660d90fdafd2e48", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d170a3cf535ee7bfa515b8ec44587b0369344cadb0b7b9d929b0bd5e5b68434e", + "source_records_hash": "1088c421f660d90fdafd2e4814ff9a0911464fed8c19b25a03703e0e4644dd4e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-113a7b2b421ed6b79703cad9", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "planejamento_estrategicoNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7dd72bbdfe57a11c013c3364d9b9344b4dfb2aec88cbbdfe33d10c311e9189cd", + "source_records_hash": "113a7b2b421ed6b79703cad97357cf04b0cba62da85269947f0dccf6ba814f9e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-67d919fb53410ff9f3d31446", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0e3da7b7a21992430bba2e6e80e141ff505f1faba63c2c23c43e950166d866c4", + "source_records_hash": "67d919fb53410ff9f3d3144604fccf921bf037278b3ca516c9965853f5cef0de", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b1a01194355fb1bf19411c95", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "66de7c583586941707f56692369d887d21f7a6e7102a48869f01ebb2a3d80554", + "source_records_hash": "b1a01194355fb1bf19411c95ff39ac924d726d88fe3e45beebfc29e3e9566a05", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0cdc019b192bc4c1c6a280b5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "secretariaNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1497b1b9fc9912d5d546103e2b5ec06abda06ab02fde7c6900dbb0777b64d05f", + "source_records_hash": "0cdc019b192bc4c1c6a280b560893309a10b5758807c603c63d1029e2871e69e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dc8998d31be105b8d3cb842e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "secretariaNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4a8d7b46c0a755f84fb64f2cc9ffa6aa167a324b506e9d64bfe90faafb75956d", + "source_records_hash": "dc8998d31be105b8d3cb842e587d60c947140ebca3e9653d42444a404df33e47", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-647eac2e94c135282564ae61", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "secretariaNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7b504806c174b135ed735c5957f6d57d8819917d557526c5296839e4898f0772", + "source_records_hash": "647eac2e94c135282564ae61ec5f00e29f94c4acccb7252e2ebffb2f104c075f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1bb7db57db2420c66f7ad981", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "secretariaNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e6c1995bdf80a1b76600fe1324f3a6d36343a30b504e9c19159b6106a58786e6", + "source_records_hash": "1bb7db57db2420c66f7ad98142319b823f455eca333c7ba359be6d78e83a5a31", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0337cac15092eb32e6a62da5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "secretariaNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e7034f3cfc44005414d4d79c1f7c64f1032f754c047aec978d8399c612e8a1c0", + "source_records_hash": "0337cac15092eb32e6a62da56ee71f3ddc0a24c8670132f5ddec1c41de5a63c3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-06456564d704e1f8fd7b925c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "suporteNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "820a2417f79d20987963108602464707db837ff7914e2b184c8dece3a403061d", + "source_records_hash": "06456564d704e1f8fd7b925cf90673b20ed0947753099154a6cbf78bd84a7069", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ea84d132b50c89545f64fd5d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "suporteNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "63e7ba8751e7a55156738b06f126d6de6d37612eb5e3ec23a519217b831cf823", + "source_records_hash": "ea84d132b50c89545f64fd5d78db70b0eae15d62af89bc3e220370702219c4d7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5197bb5204df9ea60ae277d5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "suporteNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1583ed9e3c1b3f62123b5906e5c75c0a5bc06058f164aedb556d8ec0d3c7da69", + "source_records_hash": "5197bb5204df9ea60ae277d5ab03152ff2c7bd54f45a84b93e75e8589d4aea26", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5775efb7d72ea48d1790a068", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "suporteNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "750c5e653043248602a6f61ce4fa5e896895e2df59cdcac35079f3c4b498abef", + "source_records_hash": "5775efb7d72ea48d1790a068094f80721d35c5650bcaa54b4084504cb5fa34cc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-da5a25cb79ae805041d212ba", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "suporteNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8a2dc2b1c0a2f954e782ecd9d6b00a1ebf3c1c32d0e833a121166cf5f0f93719", + "source_records_hash": "da5a25cb79ae805041d212ba27e986e2efb7dc276c198ac308ed06ac4e159ba4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9014a75fc2c99e6ad2c3ffdb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "tecnicoNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "51bd6b66b008ee477ac8419b18cdc286f665e0704d7ded5d6696a92f51cc1f98", + "source_records_hash": "9014a75fc2c99e6ad2c3ffdba0f2e23c959a459fcecb707326d993a25761600c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d96a91887a51c523242d6a09", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "tecnicoNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bea0970b456274f0f450eb292a27d9a78ee6e0fe2bed23473133ca68c3db0bc5", + "source_records_hash": "d96a91887a51c523242d6a09203e13677a799b1ee6b8616caed7d219b570f7e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4d5d9dc754ec2a0459d3caef", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "tecnicoNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "11aadc9bd88bc30b389727e73d094807e9ddf4d6d8352833dbc3bf10716be631", + "source_records_hash": "4d5d9dc754ec2a0459d3caef6ca7a9fde2114308e22e35e952028f2be7dad8c5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fd064431c41ce024a0ebebbd", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "tecnicoNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fd7979977f43c152f87744ac8df864e72019008d2b759d3707e32c0764adac21", + "source_records_hash": "fd064431c41ce024a0ebebbdcfe14578ecc281e1573dcf1c97787aa7d8a4183e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8e89b3bad61e1613a09a9937", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "tecnicoNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "93f7a22b359934855595bbce8345eec7da5a5969a5c129d2f19e7b55f110f0ae", + "source_records_hash": "8e89b3bad61e1613a09a9937d8690d26b5c40ebfbd266838bd6fcf31999a34d4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0c9f17aea4cd22d6d077b4b3", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para integracoes/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "usuario_finalNeed", + "acaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e705ff9197f0c14bdf32d57cbb664833d799f1749b42c799504361effa30ceca", + "source_records_hash": "0c9f17aea4cd22d6d077b4b3f25238fd74b4a24c2417bdd0021a738d24f9ced5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para integracoes/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-da9953ce1519cb30e25a1cd5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para integracoes/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "usuario_finalNeed", + "auditoriaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c454f4e650ce5bdd9728b3b74c5bc55a2bf447763e2f48b4709234a993d5e90a", + "source_records_hash": "da9953ce1519cb30e25a1cd59cb7f561ddec6ce6c54337a543cbd1377b111780", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para integracoes/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dbe5a17c4500ad77cb79f433", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para integracoes/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "usuario_finalNeed", + "consultaState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "17c8830e7aaad12d0e6f3f7445b7efe727cd5f8a67c48e7ab40b027a81e8b3b5", + "source_records_hash": "dbe5a17c4500ad77cb79f433dae02993efd3033e9c30316e1a1d1e2e9578f857", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para integracoes/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-53181bba1e402fb74ccdc6bb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para integracoes/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "usuario_finalNeed", + "diagnosticoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d49c601f4ece8180f6ce1e5350a9863f54e567c6f29a09661d5a7d6702ec99b0", + "source_records_hash": "53181bba1e402fb74ccdc6bb2ed5b86b77a294564fb4a458976fa4bbb9a60fd8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para integracoes/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fae75eab89e7ddcab2bc948f", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para integracoes/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "integracoes", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider integracoes via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "integracoesStatus", + "usuario_finalNeed", + "explicacaoState", + "integrationGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "integracoes.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "53613b785e2441ed320025ed21c345ac6af31038b3334ffc6c00fdb157f64400", + "source_records_hash": "fae75eab89e7ddcab2bc948f7c4c1d50fe92c881001baa96fb787aae7797a781", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para integracoes/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e51fb10711afbbd6d6545eb3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "administrador_empresaNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.administrador_empresa.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7b4bbc6c85282e3d269db08747c4b097d3e968f9805d31529fed9de27f83c6b3", + "source_records_hash": "e51fb10711afbbd6d6545eb3cfdd00fef7c8e592f18a7e7b879a96e6775bf7b2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-27abd82fae067bcf989f9f97", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "administrador_empresaNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.administrador_empresa.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cbdc646df8ea926a8e9834608e301a0e7cefb0b14e9710e5773862ce43f44d28", + "source_records_hash": "27abd82fae067bcf989f9f9766e9b22d182ccd7a3fff9f2a8f00f7c061d74bcd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5aea8564ca36f345d35bb99a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "administrador_empresaNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.administrador_empresa.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "88a82840148903c2451fc1b87aeab8f9e715926e4d38a5545c48acbf47379651", + "source_records_hash": "5aea8564ca36f345d35bb99a853d9f2ab716adcf557187151937cb5e72146bd8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a97f5b221a5ccbe73d8c3034", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "administrador_empresaNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.administrador_empresa.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d57b8a83209623b8ce578342a512e3ac029e87bb60b79a898713758f0f0dfdf0", + "source_records_hash": "a97f5b221a5ccbe73d8c303463fc8838df7ef840631d9855a661c8c0d083e542", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1f20a64247fad65d9714859a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "administrador_empresaNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.administrador_empresa.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2138faa3f202dc97d9b497232d51aba1bda09c3e8c5e5b8a70b01fffe1655add", + "source_records_hash": "1f20a64247fad65d9714859ae55131327a4de7014f2a0fde2a55116360086b16", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-006804297874a769d850042a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "atendimento_clienteNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.atendimento_cliente.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8d42aff90284e2f78efce5423f9cc1433c4dddb2d7d457cda0a960f4b3dffb29", + "source_records_hash": "006804297874a769d850042a88a51450538c6e45d93e8350bc44cff914a15331", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8c24ba50740b0850092f4be3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "atendimento_clienteNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.atendimento_cliente.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "abee78db89549fca71d458fd1068c2eaf0681865048933961ddb448aa8b96555", + "source_records_hash": "8c24ba50740b0850092f4be375533a0134cf0ed81dc6f28d5e917c59ea0e8fdc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c2c6bd281c0d0fe58528b69c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "atendimento_clienteNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.atendimento_cliente.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "630a26365117730b8115dd165e5db2a5d378fba2b22623baa6457e21118b8788", + "source_records_hash": "c2c6bd281c0d0fe58528b69cc68f66f35b8561a41d9f70a14d4f9dddd17521f4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-76b190c91dd8419e5b134d0a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.atendimento_cliente.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ac91df2d7b31c1aacaa06905ea3fb93ef126f12cbb04db291f434f8b167d1eac", + "source_records_hash": "76b190c91dd8419e5b134d0ae2dd3e7627672ce59b31ef428c5f9a519d69db19", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ce878b9d63510152bdc08121", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "atendimento_clienteNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.atendimento_cliente.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "de88e249b0cfa8dfca65c11e1541c07ee6de6be97375efd5d67aa062fdbcd8cb", + "source_records_hash": "ce878b9d63510152bdc081210b3a88e9104e996368bfffa73fa660a72d98d054", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f2f3159e1337f7f585d61f8f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "ceoNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.ceo.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1ad197f9bdf5bcf358dc1e93a33c668d55df1387228a95d13bb9a57d649be66d", + "source_records_hash": "f2f3159e1337f7f585d61f8f7b2111c2486f5342811d78ba4d6f415bc4f73c21", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cbdd2f1e558af059e203894c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "ceoNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.ceo.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6a4877e099977f2aae689dcdc710358fe39e7fee6ed7b179f033be584fdc3b64", + "source_records_hash": "cbdd2f1e558af059e203894c4b9b96284fdb253b2e83061133f05129a5bbd923", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b935c651cedf93542a691e8f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "ceoNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.ceo.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b4d6143eee53aa21c8b812f527c99f0da15a64c0ceb7604ff0f0c49740f781bd", + "source_records_hash": "b935c651cedf93542a691e8fab6420cae2318843b3ff4e48a7a83f9ae681b8e0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2cf7916fe17777fbac6ec777", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "ceoNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.ceo.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b5385f120180695b4e5165ae7ca2aba6f221e3791454a6af6bd12dba58e18996", + "source_records_hash": "2cf7916fe17777fbac6ec7779741ada9ebbb9d93e1f8213d2a7ca607f83b6e43", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-579630bdbbcf01d24f523270", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "ceoNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.ceo.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "24e9c78ddedc81c99ca46923d872ef3b5734bb91cdc0e36e2cd190b8c6ec3583", + "source_records_hash": "579630bdbbcf01d24f523270b7f9bae4b576cdde783e8c6d4ecc17e0032993c4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-11aed14d148ee16449d85c9d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "cliente_externoNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.cliente_externo.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d253bd36e061abcadc0d47585de77ed96fe70a9bd955a4680e07c34a52939b15", + "source_records_hash": "11aed14d148ee16449d85c9d57c9141831f27e2f91f2464fb766bb7ec8963326", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2c1a27444b0cb28881ca49f7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "cliente_externoNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.cliente_externo.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3c58095a6b7695d63624ec386670fe542548bb6940bee1d1638697e265b0b377", + "source_records_hash": "2c1a27444b0cb28881ca49f7944132a54bae5f4d9df07e00679cb95e00a750d4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-eaaf0ce9bcffdb720df4b05a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "cliente_externoNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.cliente_externo.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c8830bd76196e8badaf7a4911d6ae55838fff3cd087dc06f71f46f1a6311ad10", + "source_records_hash": "eaaf0ce9bcffdb720df4b05a4ec470637b558d77c6a6b3309ab0d91c2927ae9e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8c49624a98d5e87a5532cec6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "cliente_externoNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.cliente_externo.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dbfe56097ea0e60994d1b6b860f3ee792ee37fc0f5869809d67c9361ec901318", + "source_records_hash": "8c49624a98d5e87a5532cec6b193bbe5dfb99678dfb34196f7eb40bdd184c636", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-29ba543a38bf9796c3ce1cbb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "cliente_externoNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.cliente_externo.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7faa64493de29f6755f876d84438151288585dbca9de980f4aa27618c6f580b5", + "source_records_hash": "29ba543a38bf9796c3ce1cbbfc53552ffd6b2169673ee2a5821d296117c96c00", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b014ba9470f3154146637a5a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "contadorNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.contador.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "db122d00a203d8416ef8bd8028cde855776d78c990e09db0d9b50e24fe3793c0", + "source_records_hash": "b014ba9470f3154146637a5ae6e5641cf13013166e6f3277b8f032eeecdfad4e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1e7c6bfd59dbd7f99af03729", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "contadorNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.contador.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "855958ddd921a888443f0870272c329c00c962e4838959d8781af8413125c517", + "source_records_hash": "1e7c6bfd59dbd7f99af0372905a4c66a01648f0e885e19b15c88643140f92a96", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c67169232182ef3a1f23436f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "contadorNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.contador.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f119ddc8d2b349f9d6bb4407f5ef1799167712b43c5af585d47c4340db7e5726", + "source_records_hash": "c67169232182ef3a1f23436f3b2892b7821b84ac2163e8e810a8b0a28b826004", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e518157558d8cd7c7887dd79", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "contadorNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.contador.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a517a628b4cc1b27af6624ee1799b3567655f8f18fcd1d5ba4e7c17fd4fa5563", + "source_records_hash": "e518157558d8cd7c7887dd79f798b523c2cc449d14a0bce66194a15ca6710bf8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f507e6b94d33db8ab8013630", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "contadorNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.contador.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "272d0436ad59abf01a12f1e4ae6e3e0806427c873355044a4a248209eaa31e2f", + "source_records_hash": "f507e6b94d33db8ab8013630a6d862ee7bd7bcf3353c7fb1b077fa50196d6454", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a638c957601742dad67267cf", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "financeiroNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.financeiro.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c1d39373659cda4bbdf15fe0bbe5524b692209a6e4c21c982227bc07fadd36e8", + "source_records_hash": "a638c957601742dad67267cfd5834f150afb52efe58342931b60cbbe5ea05547", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4d014eb70cf1f7e95517165b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "financeiroNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.financeiro.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bbae576a71cf995585a7667df267490a06ac0113c8734e74a220f0a5e8926394", + "source_records_hash": "4d014eb70cf1f7e95517165b11def79b0b51ab5e5a7949c67de587ad8881d737", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2e1739ea25b7d86cb67d42fa", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "financeiroNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.financeiro.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "74869ba316941a295c141f61b2475571f5fc230ef6cd8bebef2c3f3c90cf187d", + "source_records_hash": "2e1739ea25b7d86cb67d42fae9d14c6505a14a19e2d6dd136359bd7310366542", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5e8743c8742b2f5c74971740", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "financeiroNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.financeiro.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "838b3bd695d75fa50520cbb59e5e54fc39069150a4facbc65ab5171e3bf180b9", + "source_records_hash": "5e8743c8742b2f5c7497174011e77a98e44b7e711b67c92b5756167f8b76ebf2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f577edbd6b3a46e66079df6b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "financeiroNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.financeiro.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bc4a45cee886302641b4f6bbf835a24f8841d35690a2aed09bd94e5d85b8657b", + "source_records_hash": "f577edbd6b3a46e66079df6bba6fda8b9db9689c819782d4f94eccb6ecbfbc98", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-79a20430a5650200240b728d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "gestor_operacionalNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.gestor_operacional.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f4e13857d86c11933146789c8577bbe74c4f9021a2623ad48e704442e8245b65", + "source_records_hash": "79a20430a5650200240b728d12a0213cdcdbdeae4d4aac49799b6f8abf5a3f0b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f3ee937ccc839e6f72971c2c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "gestor_operacionalNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.gestor_operacional.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "575384c067cd4b5be3ff91d18a3a034e4043563cdf666a0610e47d8f62dc9277", + "source_records_hash": "f3ee937ccc839e6f72971c2c06a4738e41a43aaef886efc579e882bd35ecb1bc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3919b10a942f69e041e33502", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "gestor_operacionalNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.gestor_operacional.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0221c58a366b507dad77a731407e5ed53fb9f3e3518f20007dd513502253d679", + "source_records_hash": "3919b10a942f69e041e33502bb1b669caf67bb34615161900720dc5f2ed615d9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ac2b3b2879007775a9f3a246", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.gestor_operacional.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b0c487ec1a850e615ba0b51c9c275df8c4651de2062fe429f712a248282e07bc", + "source_records_hash": "ac2b3b2879007775a9f3a246196734792776cfeb2779865159bdad70245331a1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-56cb3aee4ebb458290dc4ee1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "gestor_operacionalNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.gestor_operacional.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "622456ca85376f5bb02f28ddf5279f61c6139f0f26c8af13cb68076348e421c1", + "source_records_hash": "56cb3aee4ebb458290dc4ee1ab647e466ce5785f386f204bbca979035b32647e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c6488f4caf21dfeb87a678f1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "juridicoNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.juridico.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "65f9799c46caf9f3e3328677ae1dcc4a795e7b3e0733c50cbbf0982a41cce1d8", + "source_records_hash": "c6488f4caf21dfeb87a678f13decd2cdd06ac54fd6ac74c1e4e940620c449d29", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f7e7d30a62e45a9f0fd63895", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "juridicoNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.juridico.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0fe9221139b8d391f8ffd7a26aa6f2b44da38545874c6f1adf782f65021bd5bd", + "source_records_hash": "f7e7d30a62e45a9f0fd63895405d95d42bd1dff0785f19db24b62a7997bba8c5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-52b702171ad75f41762b84d2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "juridicoNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.juridico.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5d6f57d8517eb2fa55df31169ab720babf86d8bf1d92fb73bcc15a15244f58a6", + "source_records_hash": "52b702171ad75f41762b84d222e4e7f06721c70130f26813e07924d6c593f02e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e8673d5d261658103edee90c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "juridicoNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.juridico.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6521273f2d35690f7724c93a0b8a67044aac53d2b1e7f113797b21fa37435855", + "source_records_hash": "e8673d5d261658103edee90c25a406a655fc07b330ddf710542bd636930f1d36", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cc04e38b5dced9c946e1f6b6", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "juridicoNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.juridico.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "534911ac29baea077dc12b89dd928d6c236a0396ca042738467d1a46e5d7d51d", + "source_records_hash": "cc04e38b5dced9c946e1f6b68d44a73547ae08af49e2f0abd41cb23f312957c4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3f365cabffcab3ad2b19d5d1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "planejamento_estrategicoNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.planejamento_estrategico.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a174949ae0394430fabe8e8851d91e75b903a9cde9cb9cd6b16a8dbf4b90ad6", + "source_records_hash": "3f365cabffcab3ad2b19d5d186d6fc733b6fdea6935a0f577c1c1b93ba067894", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4d2196bff50ff432c770efb1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.planejamento_estrategico.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "07be2057c165c6e1bf8c4ad180eb5e13fccd15cba92fba690253126341006735", + "source_records_hash": "4d2196bff50ff432c770efb1e142ef6e932c546e46b3511d8058370027eca387", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-36d9f919a330b107e731c039", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "planejamento_estrategicoNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.planejamento_estrategico.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "00927dd48f69cbdd09772a3adda97f1e50178c0bbd06dbc97ca0961d477222da", + "source_records_hash": "36d9f919a330b107e731c0395ce00a3001e01a2583f01d9850491943a8a6cdeb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1ec5d2cd453318c0ed4e2bcd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.planejamento_estrategico.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c31a9b7b5774aa68900ddea30970b06e953218fa286a17ec75691e55f9295299", + "source_records_hash": "1ec5d2cd453318c0ed4e2bcd7f0becc7f0beca360d8d7e3ebe6d315ca0414266", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8be1669593e780018ed9ba68", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.planejamento_estrategico.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e917f38da6bd5d5a2075a5acfbb9105c01548397b9626c7a6bfa1d9007450b92", + "source_records_hash": "8be1669593e780018ed9ba68bb621d1acbd8874d6288eee9c9208dbe83e8fdbd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7c7776f90948fda7891e450b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "secretariaNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.secretaria.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ea55d2f9df8d1756a7087aad0bc4390fac2dd011834fe450e298dd960862ed6", + "source_records_hash": "7c7776f90948fda7891e450b892f7c71cda1458a8e52f4e238ea6effbbb0ea06", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c7dcb1ae8de85d29ebef497c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "secretariaNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.secretaria.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40b78d042e1d456521cc0b946c867b57f9b24d411a5fc4e4d183a3c234d31221", + "source_records_hash": "c7dcb1ae8de85d29ebef497c8f34a16fed3f2ee48acea662b5821dc7fe93f741", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3edde4c82aece8f300b10a6f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "secretariaNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.secretaria.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f3bcad373238a4f11eb5ae43f17e6a228630866058a184f58ab68a6aa7a3c5f4", + "source_records_hash": "3edde4c82aece8f300b10a6ff21a5a88671f850b56a561af00326825e581c072", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0a774c117757bff38bf1f4e0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "secretariaNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.secretaria.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5d2d167d6ee31d7865092f2b83a04bb8252f504d81c413798d5d37dcd926777e", + "source_records_hash": "0a774c117757bff38bf1f4e059535a222d4ff15afb613305c40cf7ecc742209c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4e58db4b57e9bc4c47fcc4a1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "secretariaNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.secretaria.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "731ac342ceb8c12e3b784b584ab6cadc9c0f6d19d3aab5b83388ef13fc522164", + "source_records_hash": "4e58db4b57e9bc4c47fcc4a1241fa3c976d4556075149c1a0b6dc9dd299e6c43", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9d47834080979dff3a96b0d5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "suporteNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.suporte.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "90e8a04d184ad679c6097e62fb04c0793843dd66d1637874b254d3d7da902cbe", + "source_records_hash": "9d47834080979dff3a96b0d524a1b55f956d2a25fb7b1c535bbb89be60a4aa6c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-41e25d28fd1690aea547fc1f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "suporteNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.suporte.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "694c7ae559ea4ac7f6d15141d0cb8aacb05fbdbf44cde2a10fd2ea075e6d07e3", + "source_records_hash": "41e25d28fd1690aea547fc1f6a63c501cda0c155eddb94843b9967e3830d8156", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9981db04001cece8f9521605", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "suporteNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.suporte.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "350c6434829ddf0fe43836c4cf25f8b29e1de627847a9436c99232395691d05f", + "source_records_hash": "9981db04001cece8f95216056340c3d4438445344dd5334169180ff489539948", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ccbdf29e6b7b7fb6139791a1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "suporteNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.suporte.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2897e5662416bc4abb2573cf90505646513ac2a5a94ec149a50163e93c37ce06", + "source_records_hash": "ccbdf29e6b7b7fb6139791a1ffecd22b1080d1e5ee0aaf131447721172bc196f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-fef1685d1556ed27fa5d580c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "suporteNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.suporte.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8c0d9c196bb644f535b64fcad711c023453aecf23d708d0666eb762c6804d7ee", + "source_records_hash": "fef1685d1556ed27fa5d580c385bcb593acd58c5454938f0721c75db35c8a6a2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7bb5d562b90c0c52c50d301e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "tecnicoNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.tecnico.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "08b05daa1587969772043a081c928e38445fd8153ba3bd6341a73f859ad81349", + "source_records_hash": "7bb5d562b90c0c52c50d301ebb61bef096be8fb671698c4b312ad4c34e2a2cbe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a32854225aaeb19aedc12f5c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "tecnicoNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.tecnico.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a8de96836c9820424f1548d7e9b58adeed78f7c405bbbff3a7167fcbc39d4293", + "source_records_hash": "a32854225aaeb19aedc12f5ca59bff839a0aa664b456d00a2dcbdc7fddd440bb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a91d571bd1319c6d1e7647e5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "tecnicoNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.tecnico.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6c7372afc6c574c14cc21f75564919ac9552f343a039e0d9b306f8964d95d370", + "source_records_hash": "a91d571bd1319c6d1e7647e54a560bb1dd6e86c36e18ddd936fe322dc4f16d25", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4970930f34fccc58277f65dd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "tecnicoNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.tecnico.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3a66303d2ee24b66502d7299cb54c82adc1e91cba10be579595161e48fe443d5", + "source_records_hash": "4970930f34fccc58277f65ddfc43f1979c1ae901b846d141d59bdc814f27937e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-04e4410ef3c227c94b63d102", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "tecnicoNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.tecnico.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f70279fba9128c733ef8c6643bb470be8d75ea3e9fe1334d9198dadc2e4d1d77", + "source_records_hash": "04e4410ef3c227c94b63d10242685ab0097799c34237fed1325c7c2ef579dfbe", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e925fd4b74aa5ffaa3f4683e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa acao para intelligence/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "usuario_finalNeed", + "acaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.usuario_final.acao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "09ea6123d6e64733349fd0967457e9d9a17ffd61339039b41933d5c5a0b44239", + "source_records_hash": "e925fd4b74aa5ffaa3f4683e777cfd84247b38a98f6b0e412e08c8634fdda97e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.acao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa acao para intelligence/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b914287b979293728ee78782", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa auditoria para intelligence/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "usuario_finalNeed", + "auditoriaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.usuario_final.auditoria.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4f1956c8a3f657f82ee84c2b4eff01ad8c9e24ce5a1b529c86b65e795f171232", + "source_records_hash": "b914287b979293728ee787820ae696e65a1df00bee5da94f949d5331449a0c08", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa auditoria para intelligence/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d78dc30e912612037e7e8763", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa consulta para intelligence/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "usuario_finalNeed", + "consultaState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.usuario_final.consulta.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "05d0bc0f4fe99c0f425bbf64cbe98006f99e83a36909f4a9ce14de9e613c083f", + "source_records_hash": "d78dc30e912612037e7e87630231d0a19a2c750bc229a2ba0b4d4974187da730", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa consulta para intelligence/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-318d37a9b539a966c8eba0d1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa diagnostico para intelligence/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "usuario_finalNeed", + "diagnosticoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.usuario_final.diagnostico.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4004d2d94bdf0a7516017c73fa8aad59eee3878a2dcbe9d11f98705884995382", + "source_records_hash": "318d37a9b539a966c8eba0d13b9e532d80aa5beca5498c4642e759c7225dc2da", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa diagnostico para intelligence/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "same_source_false" + ], + "dry_run_supported": true, + "evidence_id": "evidence-197064a1a9c4f5151b8aaf71", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": false, + "pending_if_missing": "homologar rota administrativa explicacao para intelligence/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "intelligence", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider intelligence via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "intelligenceStatus", + "usuario_finalNeed", + "explicacaoState", + "strategyGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "intelligence.usuario_final.explicacao.administration-route", + "same_source": false, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c0733965eaea19e5db93d1810878968e6ffa3d02a80bdae57b7dc1797d006e99", + "source_records_hash": "197064a1a9c4f5151b8aaf71e9f6d2f1175b90ddfa74d1a34b91afba389bff1a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "blocked", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "blocked", + "validation_steps": [ + "executar rota administrativa explicacao para intelligence/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ff3cb5d7815bce1ebff74644", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "administrador_empresaNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "731eb137ab8e9762e7233dbffa5004847dc346ba1249ef198c88606e75ed2b22", + "source_records_hash": "ff3cb5d7815bce1ebff74644ba78a3bbba0eef09a88ed0c3ecb332e8029a0a52", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9ff5eced39a12c02a3bc15cf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "administrador_empresaNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a2f80d14bd84522bf92e1fc25d5e448b91e19081e34079b6ca4669a5895a42e", + "source_records_hash": "9ff5eced39a12c02a3bc15cf4dffa73f1fffd4747cd9a1d383c5b10c8b757b47", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9347d368f74fd8c55e7f0354", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "administrador_empresaNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "855fca03c20d6b6c195629a84e969092d5fcdab33a6ecabb87bf79d7f5fbae39", + "source_records_hash": "9347d368f74fd8c55e7f0354321742ea2abe196665f92c3b8e5ccf0b0173c73d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-bad9c3151339bb859220ef80", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "administrador_empresaNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "647612572edc77a2b1d451f7f5a347d5efe0d13e5d94c10e7d9b6d14bb4431b1", + "source_records_hash": "bad9c3151339bb859220ef808cbd96fe66a5b7a780d4186afe1879d9216af855", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7e1284940968cc106f2576da", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "administrador_empresaNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2e1191efe1b707d7931c4b3c1c9ab90eb40d03f4862ec43f97bf543127ffd0f2", + "source_records_hash": "7e1284940968cc106f2576dacced19a6ab07433c550b6c5302889cb20a0104ef", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-17872d16f41e8f9eaf2d7198", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "atendimento_clienteNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e077023f0d69f4fcd2dc05638c1dff613a17c2e43d62d5692853a1cdf007b31a", + "source_records_hash": "17872d16f41e8f9eaf2d7198e6d2e672454e84ce96628ee771716a7b153fedb4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e8093a4f2c25eb901ec67f66", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "atendimento_clienteNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c204989602a42f654368d40606e74533fc171942632e299568c36b0ab9329ad3", + "source_records_hash": "e8093a4f2c25eb901ec67f665f180af91852fafd0a11f3de15db649505813b8d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1a02886aaf226efaaeda7cd6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "atendimento_clienteNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7efa6001a0b1660a4b2830c43b4fb222b3e87617872780e50ca809c086ce015e", + "source_records_hash": "1a02886aaf226efaaeda7cd67987d34918a92e286d7253feb855a8d7a32ffd0d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f6159e65ab0519d040be1f9e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "75c47062d4bb4f08d083f11152f5495a4227258242e28251d4bff09ddadb56ac", + "source_records_hash": "f6159e65ab0519d040be1f9ed056c08b5b28e8127d8970c343a69855c15ef1f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f8cc2df9cc6e3f08d0e1367e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "atendimento_clienteNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "705174c3b814d20949623935be1eff471024c37b4b4c604adb383fb5cf255c58", + "source_records_hash": "f8cc2df9cc6e3f08d0e1367ea7bbf5a9cd9f03d8678855189e2e389f26c2b7f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-80bcd12139e3bab80c207b5f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "ceoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c220c7ee2bea99b3af8d5f0ed5023edb0b67c65fa488f3493b6ebd415d3fea3a", + "source_records_hash": "80bcd12139e3bab80c207b5f6a2c87ac8da4213625d40b94c0a65a82436f91f8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c045116584ecb609b1d7c548", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "ceoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f045483e929acd7e7b76a7018c1d6a13342b3194be797be34b3838f97b2c78d1", + "source_records_hash": "c045116584ecb609b1d7c54876edbc241b89a58f6e9d0d6f96d42d364917a757", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ba64660a7d5d9d75537b532d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "ceoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "13bad212bf66848f7a5c541ca7ecd17cb8863b2530b261b5e1b3bde7556dc951", + "source_records_hash": "ba64660a7d5d9d75537b532d4c65d63ba27abf49aae0d1f0eea156830d4eec5d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b8ca619a4607edef85926d56", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "ceoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a6c2057d78d470e51b592adce57024059cd959563e92ebde0c4db078c3fc2a1e", + "source_records_hash": "b8ca619a4607edef85926d56755674c7ae3dfa7df708bf0ad40816c2563f543e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-aca55df20dde5d7720958b9a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "ceoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "11afd23a5b817e1424efa54e9ca9adfcd56aa24bf64c40812d48b66e8982315f", + "source_records_hash": "aca55df20dde5d7720958b9a27d42ed38975b905a353ef82b14512500d1650a9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dccfe9a9477b956b3e86af69", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "cliente_externoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2612de095b5c6e8737f3e0c5e2209200a989778acd946321588c228f41c75ae0", + "source_records_hash": "dccfe9a9477b956b3e86af69a0e622f2e1eb7f30286ad9a12c4cafc28a13409b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4975723a7aeeeb762ae719c7", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "cliente_externoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "26534ccc5a408ccfeb5c47ab606bcdada8bb0e6542b3d9e4f3b72316f92c89fc", + "source_records_hash": "4975723a7aeeeb762ae719c7614c5d6aab8128a6073b031465e80bb01b8c0817", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-59bdaf0880f79d05c5126856", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "cliente_externoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a0bf7503450e704c9bf250f1365f14d5a822dd26bfdc03b1c9a28c00fa734bd0", + "source_records_hash": "59bdaf0880f79d05c5126856922f9fcad35eab3914aeab17928ddef248468d5e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e58f51d466dc73633f298b7f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "cliente_externoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5be1e7d080b6f216924c8b13ed6e7d43e3065efe1d6acaf82a7ea16bdaad6258", + "source_records_hash": "e58f51d466dc73633f298b7f168a1e3e1e9e25335eddd3125b3dd123b965500c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-374ba4ad0a09ebecc4325bc1", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "cliente_externoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3cfd63a789cc1b63e3906ecb5f5b16abca1faa59d699973c61220044c1994eae", + "source_records_hash": "374ba4ad0a09ebecc4325bc1a240ed2093cc4d6dcddbc71cc4043dbeaf2c269a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-719cc211ea59a402ed9f4707", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "contadorNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "014d8c8969febec0ca23089473749bb7563952810a214683c742e5c709d2b0d4", + "source_records_hash": "719cc211ea59a402ed9f47073398a493c2355c2e649099a2a07ebf7f80725c76", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f6d3e337f98bdc4e514d3871", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "contadorNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a080d00753f33b535ac9d8bcd48895e64b2f5d1554da6a7c0694ac2ade99e8b2", + "source_records_hash": "f6d3e337f98bdc4e514d38717de712f0a6c99111032d935f2b0b5dea25c08d32", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5d965deeb3b92a83dabd5336", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "contadorNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "723e83733a670e7e116c3be8668c95e6431a20568f6bbbc143f91cccfd4323a1", + "source_records_hash": "5d965deeb3b92a83dabd5336fdb6fcadea37104de3e943a7754e6cdca23f9ba6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d563ccd356b9ff1b95573d9f", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "contadorNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2e6547446ddbf9ec9268307cf52591413f8cb8110620e97689b6104570187108", + "source_records_hash": "d563ccd356b9ff1b95573d9f2f8d24ebfc5f3960fb1af6f7d29f654ca4ee400e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4af571b1d285771cbc78ddee", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "contadorNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1a698cc4560422c2c3df0c9302affaff263846b4170627158600962a01b10be5", + "source_records_hash": "4af571b1d285771cbc78ddee4bfee4fbea84cfe22a75493ffce694d58c5fc20c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-92a98dfd414054a33bf0c718", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "financeiroNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a3a9dc5b31c21f7c7d79ed5f04f552b896a7b97638ba927495f8e5a14c42b168", + "source_records_hash": "92a98dfd414054a33bf0c718685fff12fb041c34b2bf1c61eb066959bf6431ba", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b9936ee9a3ea8b0176bb7df3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "financeiroNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "95ac0e6200feb5e229d0b11cbd2ab0656863c5242c0c8c5730c82b437a35b9d2", + "source_records_hash": "b9936ee9a3ea8b0176bb7df31eb5bf83d85ec813706d77aff6803741403c4853", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f301fbfec2358b733be30490", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "financeiroNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d737c250a144ebdb77b27cc6376d3c908f823e55d9560d03a5f9c03c62e66902", + "source_records_hash": "f301fbfec2358b733be30490a35bad54fa2e85a0de368f767b44876366531730", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f0d5209c1a5a9a9a33806ffa", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "financeiroNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8d8abd58179250d2e9730acb6e4bfda695e0d249d8896aecaafaaf005f94fc9b", + "source_records_hash": "f0d5209c1a5a9a9a33806ffa0ba4ec4244e0ac7f0a746af5025375d83422eefb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d79aa10fdcdeb68fb9674c24", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "financeiroNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1768dc28595c9ecaf4600d4115e858accfaae619085f791837dd8262f8fa0582", + "source_records_hash": "d79aa10fdcdeb68fb9674c2492c05cfa31dbe60b443bd6253acc51f99555dad9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-bd29f454b2e66cb17ee1e91c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "gestor_operacionalNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4b29fd812cc198f55d1d0d88c54d7eac8966d60bbbb4cf2a95d40aecb208f22b", + "source_records_hash": "bd29f454b2e66cb17ee1e91c895f6940f9c9e76537c561ab81265b2d4879e265", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d7b5f8d62f34b390904101eb", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "gestor_operacionalNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0cf290bf33698dc85504a0187f18385ea5a24337fd2ad85761e3fd370738b187", + "source_records_hash": "d7b5f8d62f34b390904101ebf13a7d3feaac920fbeafff99f593a1764632386c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d90af0ddde1e6e008552129c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "gestor_operacionalNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f0048bec76df852e740e173d09df8f473213f30d4ce24dce609232a88a5d1e69", + "source_records_hash": "d90af0ddde1e6e008552129c131abc9bd8ebbcacea19519530ea866a50bdfdc8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e08e9d7c5ef7ba70959d2f31", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "61255324537dad05c17ea8a749063ca24522fceeb2b2e581136927725a048304", + "source_records_hash": "e08e9d7c5ef7ba70959d2f313dec80010dfc933f8b5968b387299e6056b3f415", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a0cf5577842151f34cf24883", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "gestor_operacionalNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3a14bf496cc1078a075cc8ac0c8b1fae126011fb723992467907bc9e5c954087", + "source_records_hash": "a0cf5577842151f34cf24883b28a6cbd35122004121902bb0c519cfc44c1d304", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-dc9f6ccf80844bc8721c714a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "juridicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2aee1a7934602713da88f5eb6a3ab447729e1fca90edb9b84448ca3b53665a7a", + "source_records_hash": "dc9f6ccf80844bc8721c714ada2317cd6aacb0e5cd6be57f1b4f291be9569cc5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-824da85c88101f8f623a8e55", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "juridicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0e8cab4cf54f2707e7bb353d4ab06fd180ac3427062107959227475814fed3e6", + "source_records_hash": "824da85c88101f8f623a8e55f0ab3688d28870d265fd45a1b84e21a4bf7e0c98", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3232ea78796077cb1b1fc18e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "juridicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0eb96c645782ddfeb53d6b10b5cd87db75a8d9d70fb67f4b147c98fbabd293be", + "source_records_hash": "3232ea78796077cb1b1fc18e6910631d72db90466afc069708c0935f3d8aa298", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-475db604c79db056c3e5c929", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "juridicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "73ae253ac331f44ab12fb8c5a91700ed396466be3ac47af4918232a20ee0ed72", + "source_records_hash": "475db604c79db056c3e5c929ae950f8f178a3173c782aa5b1dcbb8c2c2885f93", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fcbc4a44dfb49f4159b95fd2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "juridicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "95b4ba80cbfb1cc6a061a49cbf7964f677f4fd03c7c16728fd1a9bc8d04f0557", + "source_records_hash": "fcbc4a44dfb49f4159b95fd2691400ae7d72e260ce662d02b2d63f5f261cee48", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fff1ccac685319cdf8bffbf6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "planejamento_estrategicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9968ce075c30d744ae5ec23338e88ac5e842e1344abcb4a2cb14bcd80dfabfe4", + "source_records_hash": "fff1ccac685319cdf8bffbf681f0622b8d462ce11c6469c126b512cdff31e75e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b499e2611c74801c59c3c400", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b6562741ed6962fdfd05b3885d000c09d491f86ceba36d64175a738409722cab", + "source_records_hash": "b499e2611c74801c59c3c400781ade33aa3abe22980aed8addc41afdcd459ad0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d021810f3449196c500a4461", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "planejamento_estrategicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f834f6ca3ed86c393c94b6880f66c8b211850512059cfcbccadf60e57f36c6fc", + "source_records_hash": "d021810f3449196c500a4461a1191c6f576e4040efb58b095645d9ef9751b2b4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-54f32d27405cb76107af9398", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fb7d9eb99e39457890a8e151499b94a45330cd394d3ec300234659b105712365", + "source_records_hash": "54f32d27405cb76107af93984ddc1148fcb2fa6229687893bd1765a450df437d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-99f93b2c5c026440341a9def", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e56a6874b9579090984a7cd5b9731fcec680698504cc41f85ccd4571ec4662ca", + "source_records_hash": "99f93b2c5c026440341a9defcdda10c50a3c069d0f8a3421285cc66debcc63cb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b6cf45b5966d4ef50ab4693a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "secretariaNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7bd56540fec188f1ebb72132f1b79c444134293263e7ca93e8c19f81319df003", + "source_records_hash": "b6cf45b5966d4ef50ab4693a9aa6f2c9bab717a340d165312dc6b34cc6c545b1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-80bf0d845797a5f6daf0a15c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "secretariaNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "485637ecea37663ff0785d90bb46366858b1a4da03c18f8cb9e28b1d50dd101d", + "source_records_hash": "80bf0d845797a5f6daf0a15cfd27a5afa24fcf7ac5e5e5a0b4438bdfb3b126cc", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-eecc3fcb8014ed3c4d6ce8ec", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "secretariaNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "051ed5abaddd2eef72fe82f62e74f9c5adbe348827e756950d6edb66da3768e0", + "source_records_hash": "eecc3fcb8014ed3c4d6ce8ecf71621db60de7e6c2861ddadbbc7be3551434936", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-de8683d64a31bf51f50c0c3a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "secretariaNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7d0d34ef87ab7817acea56d79ef5a3f2385e1b90f2ce01c14420d8413643047e", + "source_records_hash": "de8683d64a31bf51f50c0c3adab871602bde0b1f79c85101e7b378b11e959d50", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5296d5ba394e8ab766e15f03", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "secretariaNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "09e2bf7746d24efdf9ac5890fa420fd8a694d02b687c2d7af7f68278942ce0ed", + "source_records_hash": "5296d5ba394e8ab766e15f03b2fd07c6cbc27c7e6670c73c62479a77160c528e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b7c055d2958976df84d6e83b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "suporteNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "da1a22cbfdeb2dce253c9eaceec2f4a1bc5dbeb6e7caa8d64b7ee715a524e229", + "source_records_hash": "b7c055d2958976df84d6e83be31cfd0696ae942c05afcdc2d900bc02ca8942a5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-486670ba3e75b7a635a515f8", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "suporteNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "08071fe221c6b46e54bdde1665335d8b1e9ecacef0194c62502189bc4d917c2a", + "source_records_hash": "486670ba3e75b7a635a515f8ae353f853ec7e9b4ec28174caa4a437044fe823a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ab7c1db1f7de211ebd03428a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "suporteNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "42564f113b24d53d65f30a1397476f92a8c774845974e7c2cbc72945ed703eb9", + "source_records_hash": "ab7c1db1f7de211ebd03428af22adde8ad0eaf7b0f989da99f3886e193474b70", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-40ee418eea684a1366eada24", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "suporteNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ca653879320778785b5def25d846657dd46c4860daa895e659fedda00519d6e5", + "source_records_hash": "40ee418eea684a1366eada2401bd9ce7f3eec12c64602ec3fd1f8ce9c54fedf5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-adcbc0389692e69e5bf59402", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "suporteNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d3da5546e53b86abeb53bf29ee606a2fed00d286a3b47dd005d26896948e0850", + "source_records_hash": "adcbc0389692e69e5bf594028b55b4d922449ce331a88dcccfb3f387001843a0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-89479cca7c85ddb6e1859669", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "tecnicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d9bc4f5be7b90aaff306430cf25973dcc30904312d6a1e5d0aedf2eaedfc451", + "source_records_hash": "89479cca7c85ddb6e1859669efb162d201e85543896e1404e7b5a9a5a8e01081", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-52579cebc040238f21659eb9", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "tecnicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6a502b9650bf7a12ecee791de72cfa3ef5a333aafbe9e6d6699fdabc6aedc749", + "source_records_hash": "52579cebc040238f21659eb9542294d01b6a6ae9c4438c022a68663121f31035", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-de76cd086d2bb8364ea10224", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "tecnicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3da911bd04c7af334a4affea60d6ca487ff0a2bb4bcd1d05fd30497a2b734b98", + "source_records_hash": "de76cd086d2bb8364ea1022492d6bd08ead1d2708614fae2995869c78a42cd7b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3fdbc3064f1840eb0528c451", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "tecnicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e20054b16e19e9838048f0ccecfdaf1e88f92ad0731012345a374bbcc906615f", + "source_records_hash": "3fdbc3064f1840eb0528c4512e5aedc5ef2078a445b355707c800fbbbccb1d4a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-addd8b65c3355261eceea2b0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "tecnicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "07a6fcc51fd462c0275c57ad08b78185fd9bed8f48ea5faf39b63c136ee8b4f7", + "source_records_hash": "addd8b65c3355261eceea2b0c74d42cab85e8a7206cc2d20c4c95734fbc8da77", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c7e83904604f2c94d1571293", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para mcps/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "usuario_finalNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3bd5236562cb04136fb55d20081eae195981c65fc9c9f44c9e4c8c29528d91ed", + "source_records_hash": "c7e83904604f2c94d15712931f4bd737b59a8dac344e3e37c94c7f9f124e359a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para mcps/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5f036419dc3080297d026fdb", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para mcps/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "usuario_finalNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8a013fe9f4be06bc2ba6216471df26053e12c4be77e5ca2d96ea58c4bf2490e6", + "source_records_hash": "5f036419dc3080297d026fdbaaeaf8bf6c844d1db0f0faa77527543caac8660f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para mcps/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d0e4c8400a964edd67e5817c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para mcps/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "usuario_finalNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "349825be0891d9d9722f0a8c979ee5744fbf59171328a62af2b677d6ee1a6bb0", + "source_records_hash": "d0e4c8400a964edd67e5817c125d030e607c18a2138915d563264f2776f3b178", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para mcps/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f7058ba3b7600deb33a6d2f2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para mcps/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "usuario_finalNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5790ffac87de43ae7dc1efc00475968af647c7e659fa6b774cee57ffe2e013e9", + "source_records_hash": "f7058ba3b7600deb33a6d2f2e45f7f4d4c677f4ff25039b1e69efa1069108a2b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para mcps/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-cda60200d392b2fb9b8edc16", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para mcps/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "mcps", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider mcps via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "mcpsStatus", + "usuario_finalNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "mcps.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "058e0bf084da7aaf4ac3da9ace1c5a867cf4b2b75d6af95a1aa0333a62c75bb0", + "source_records_hash": "cda60200d392b2fb9b8edc164f4d7e255ba49c90f868d9923612edb23c7852e9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para mcps/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d1397e4817df5543ea22707e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "administrador_empresaNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1a7ff8451fd674f7a18c60b190acd5dda87588333459d9c095c4ed7380e145bc", + "source_records_hash": "d1397e4817df5543ea22707eea508db1d93d30462e60cfae5048df80a58e5eb1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e7f1ba3ff550869e85e155d4", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "administrador_empresaNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "43702a7915cf4c1cd822a5cf556a626d40655d6ea41afb049cfdd0348eb4b1a5", + "source_records_hash": "e7f1ba3ff550869e85e155d41f5b851fac12e9d48c53d608e4e38f47dbb8a352", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f85dac8479e3aa279531b2bd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "administrador_empresaNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c9807c75c9a23300d7fbc679914d51b7225b3b6f92d9f4af0527be5fd009cdfa", + "source_records_hash": "f85dac8479e3aa279531b2bd86194a498bdb71eca01520c886b7344951e1426c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4da4c177a9643e83a9079785", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "administrador_empresaNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "35a7ecf97d0fd5471eb317c25e6bf09c9d5ae49e08f6f4afc115c20b17f8ac64", + "source_records_hash": "4da4c177a9643e83a9079785a4937b8d8666ed235f922f02aa39c74516e69494", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-29528d931a83f0056e86c406", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "administrador_empresaNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0cf72c5dfdf185a18ce0cdda38dc43749f96c982e352c02276e1ee01d3ba5dd6", + "source_records_hash": "29528d931a83f0056e86c406825a53d853e0c66953b33adadb57bb6ff69b152d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-98fa40d2123bf9c4b5590355", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "atendimento_clienteNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "800b6d42c5f9a616a73038b63a8906b5956181ede94725d7015d492c107b0285", + "source_records_hash": "98fa40d2123bf9c4b5590355906f939e480fdf3c4aae890768368968e2eed885", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3da416f3038c3a50e43db3ca", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "atendimento_clienteNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bfdf17ae73bd96fb03eea08ec22c8f66a5f260847d4c8b773c52b30c737d3fe7", + "source_records_hash": "3da416f3038c3a50e43db3cae9aaa2b8dda4c1bccec8c3412d0e2d2f495acfed", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-48377a153f7d12bdcc36665d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "atendimento_clienteNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1a50bddc04ce1f97f780d63ea1dc19741a22289593003038eab7882b098f14c5", + "source_records_hash": "48377a153f7d12bdcc36665d95e9ac1b974ecdc5663b0bfe272009bc433eba90", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-af0d93011df3e5c96757524d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1ec20af4ed4b527316521bde4fae99a447283f54629ddf0ef7e86f7ae317a07c", + "source_records_hash": "af0d93011df3e5c96757524d6ef700c0cd20773e441be68c9fe5937abd206892", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-04c88fef522e7a71f1ca007b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "atendimento_clienteNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "35791074a06ca2d7e6833f1aec6bdfde9d8e16985ac1e4486ee774b25298bbb3", + "source_records_hash": "04c88fef522e7a71f1ca007b88f291d334eb4d730d8010613b854c931795116f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3a26509e3767c56a6df5c3ac", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "ceoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "55831a7fce2d6ea671e802bbe5e87da630281b7b18f163274720a65980d15562", + "source_records_hash": "3a26509e3767c56a6df5c3aca196ece31f71af869408859f0ab800b9f635ec3b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cca2797590077f8349d24bd5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "ceoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d016d1fa4debc4c052d22e88f12f316256a59ba3b19db091dd7dbb8d9b0436a5", + "source_records_hash": "cca2797590077f8349d24bd5985c29ae9a98386c7cdb6f72c356043219d09c67", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c16738d63fad330503d2ab12", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "ceoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "93111066866859b26c3efd6a2a61c293ed832c4f11ffbe0ea2b098d82d93759a", + "source_records_hash": "c16738d63fad330503d2ab124f14ce0d81163945fc7eda1b60fe52dfb6a30b20", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0bcf2c11f1255724212fb16d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "ceoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "694fd8e98c0362450253b38af70c42ac164a6c1dce75eebeebf0ef2a1cac8e4b", + "source_records_hash": "0bcf2c11f1255724212fb16d569cbb51854f55c7a19061f75008c9d8de516548", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-28ee3572f27c330f2e49afa0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "ceoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "adcfb3e46a9d2faf1cfebf53aa434a445921eae106f4e471c17476ba153c6238", + "source_records_hash": "28ee3572f27c330f2e49afa0f641d86fc8fd2af7ee6292bb9139ac5b3606f459", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-1542d41b83c5fb01d28535ab", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "cliente_externoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "182f6072c7b1cb681ea5a541ec29a5faa5f32860f32dffcf16efa4556ee34a29", + "source_records_hash": "1542d41b83c5fb01d28535ab73f5f82e258e1bef69487bdd5bde19cf51e08356", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5a473c36e08a6c8555cc80cd", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "cliente_externoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d7ff99e890d447ab8f2f585bd22711f1860293a79a78a453a7130c3f477064f6", + "source_records_hash": "5a473c36e08a6c8555cc80cd177e56e0d1285b16136c48f4b0d31f4655adf404", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7fd0b5bcf0748924edbf11f5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "cliente_externoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9123c02af00b723e4a3013ad37cbe9630a6af3d7e01abbbe209785308dd5758d", + "source_records_hash": "7fd0b5bcf0748924edbf11f5569c4a30c3bc4339988b371cba9bf4a95f91b997", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cd79e691cbfefba35e6eaed8", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "cliente_externoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9c1017f8b4c09528293e12006e20443ec06706d0b50774c1495a2e98c0809f47", + "source_records_hash": "cd79e691cbfefba35e6eaed80b99c316cae5075575b16196a602ac9d77095e0a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-5b5ec4ae249b07b2114f0b3f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "cliente_externoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d40989cfc00bd66348105503592efc28b8e107fe5066d3fe7fa70588ee8bc00c", + "source_records_hash": "5b5ec4ae249b07b2114f0b3fbf2caa29f5fb32b3273f1d6daa5848109f6e6c20", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-dcbbb3d1d458d04cee4a5668", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "contadorNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a481a6e823dbf2e709b412e6cd0e222554af12d4186b6f8cb4d01c672e2cb227", + "source_records_hash": "dcbbb3d1d458d04cee4a5668684008cf6d5b9a27f309d92770aa92478f274a8b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3d4d3f6e880ed8b9c19be93a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "contadorNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3e37c1384c65387a180991a862d39ef84c0bcd19cd2dbc425d18c2d01a9d84d2", + "source_records_hash": "3d4d3f6e880ed8b9c19be93ae4111900fb805fb1a0956601da212ffbe1f92da0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3d6a1724f1500bc6edb20f3d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "contadorNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4b0b7d9ccea30a9b3ac3262a52d102c3867a6a4a54020e3318d4e7f54e4f9a3f", + "source_records_hash": "3d6a1724f1500bc6edb20f3d142936848861f8351a8d355c7a8dc1d31b9033e8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3e06b6c028c575fae54da2e5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "contadorNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ae6d1abc87abe63f54800927a27f178674434f411166de924e9ceefa5619b110", + "source_records_hash": "3e06b6c028c575fae54da2e549e7dc4f29a3f8c6f1f1564c0e94a72f59532d3a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-670e29a7ed61c62814cf2aca", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "contadorNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "06117f7b1ebd9735e73f265281f07147a7d7f9eb58b5c0d711402cb4e081223c", + "source_records_hash": "670e29a7ed61c62814cf2aca7caf895ec90c9047bb9e8e94bc3bcd59fe914fd7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b665fefe8dc6445658c2d64b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "financeiroNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "128a7c8978639811c27976c47babddb55003a9a14adfd83c2c83b7e4b01fc4fb", + "source_records_hash": "b665fefe8dc6445658c2d64ba7e3ac47bbb3746ecadf9657d410769b727ec89e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7466ad9e0e433c2f63afb9a0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "financeiroNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5ccb9bca0b4c08e2e5c225c0a51bcc7fa6338343b4d60480664b89a0a2afd7e0", + "source_records_hash": "7466ad9e0e433c2f63afb9a0521a386273a89e22acc8bc9abb7bdb0e27d45ff7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-31749edfb6f3516eab893c34", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "financeiroNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a57da1c67812c5d20190d1e20e939fcc11334391292ee0d98702824fb15acfcd", + "source_records_hash": "31749edfb6f3516eab893c344cacb2d67e49c67f38952ab04a83f66f20df2584", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-41c0d274634355757352400a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "financeiroNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b167c6b1694743255052d1e4251ae99d84bb27d43ae68e7fc36a2365cea59e79", + "source_records_hash": "41c0d274634355757352400ad52baacd3cd1de57b235289f7c0967811538c16a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-10ff2da799ff5c16cfd994ba", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "financeiroNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dfaa33bd584927e3252685c5c673d2b34b5b338ea5e370d8739ce9b451042e56", + "source_records_hash": "10ff2da799ff5c16cfd994bab8e57a18c851df16a38d4e392d479fce70f20c7b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-417d43e7fcb7fac830afd008", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "gestor_operacionalNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0a8bbc38c07f01f21a2ffee950a91d50a133e8d09e823ce698e008f6f10621cd", + "source_records_hash": "417d43e7fcb7fac830afd00829c062ed6e1b0c34a0f88f08a0fc09e68afa5414", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-97727869fea4537a904058ac", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "gestor_operacionalNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2a478bcd2545ef35ef8577fa3b70d31494611f8c65c0ad53ca6254bcbc5c047f", + "source_records_hash": "97727869fea4537a904058aca019b110b85c9a5cbbd9c52b81f13c448a048726", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9d2d8f823bbc0aee39265efc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "gestor_operacionalNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3032967ded2f539bdc4702fb99ad48f4a0912a1c07c57bb638edd749eec9f188", + "source_records_hash": "9d2d8f823bbc0aee39265efcdc0c8f6d742ecf3783cede251b3ee184e988a5c2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c2b03d99ddd1d9cd8bb380d3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "54cf2493f9548e7b749319a89bb508ab38a29cc8a8ee1abdcc9ca738dac093cb", + "source_records_hash": "c2b03d99ddd1d9cd8bb380d3ebaf4a7dfcd27b176154ce5e53948bdcee9be622", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c3ba59d0ba4b9c13dbedf3a3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "gestor_operacionalNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2efda0fb5f9888d2b60367e3e7955d19a749b24dfe122cf5ce5da6a7cd5f351b", + "source_records_hash": "c3ba59d0ba4b9c13dbedf3a3410a616c2ca62e665f1dda0b5656d447b269ab74", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-132bbdd0201390ca2084d82b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "juridicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0afe7793c61fbcaff0a59594e13a0f1291756590fc899ff50e531f0c250aa845", + "source_records_hash": "132bbdd0201390ca2084d82b9dde0aef38320fd7454abc758b3c3123998e2d38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8c2a6150e9be682dda9bb877", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "juridicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b69a74d30024ae12d8df806056488fbb8edeec8ad32c3e3197e095491d06e784", + "source_records_hash": "8c2a6150e9be682dda9bb8774058062aaf82d96ce826c44f9c4930f7e1c2e97d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-73a7c837d50dd14f39eb039a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "juridicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "78eff3071ed21b2ed9df16a6d40f3ea26410006d8408d8379adeabb4840dec93", + "source_records_hash": "73a7c837d50dd14f39eb039a52f94584fbad8cc2ae8beda1e8a92aa978e03003", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f38163ace7ba6e275eb6943d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "juridicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "29bf04abf29ee0f361c5f312cd461028e3f64be8df0eecdf8e3f8b8029b04ee4", + "source_records_hash": "f38163ace7ba6e275eb6943d1c7c719c6cfadecbebce832973c4a07162dcc7a0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-73a2e0684d60d242176da6e2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "juridicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "65b8848d2ecf5f8cc05f15614b986d9f792d6feb8c95fc996a606e5ee6ed573d", + "source_records_hash": "73a2e0684d60d242176da6e2a47e141858c100a75d018d7685d186b0be082e5d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6fc0d1cc9664d132f2f62505", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "planejamento_estrategicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "644cd8416792217b62450a158ef5337276b9b94c4d80c84c6d5aeb75a7451e3e", + "source_records_hash": "6fc0d1cc9664d132f2f6250545d39544f01d0ae8edc6b2ffc6068ca332a6cc74", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9e2e61aca36885973fca3b27", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "99eea319bb8174762626a58d5e126036c9c43dc7f9f9400a2176cb59247c0adb", + "source_records_hash": "9e2e61aca36885973fca3b2765d5b2a86a64fc68b3a2863dacde05ec2f5498ea", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-de5cce41812b1674bf6113bf", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "planejamento_estrategicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6a8e71cc5ca02cb58596bc8f004f07d8516fdd361c315298cc7f69681b8d39b2", + "source_records_hash": "de5cce41812b1674bf6113bf4c3c1b572eeb73e4d217cb6308e3c2c5c584e5c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-91ea08d8d52bd1c9b4bac5fb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9235c6f77492f14961579d7f9fcfa13209d0c2e45ea5ecdda84f80bfdb5c15e8", + "source_records_hash": "91ea08d8d52bd1c9b4bac5fbfa2189b40596c9926ac38b09b58b75bc89c51c66", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9c7d29f9efeed9b704465295", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6c2bb898cfe8e807d50fa9a907df7b81549c19c164c02c3fbdf90fd258d6f071", + "source_records_hash": "9c7d29f9efeed9b7044652950aefe22ea4537605e5c6402a86b96ad6b63bd805", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-364c95a5ea33639ac5ab1e15", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "secretariaNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "24e77b60c4491c24577ccc2ad4afce0c161db7efeb3070abc793cb96677b0be4", + "source_records_hash": "364c95a5ea33639ac5ab1e159cc06de2574bd39e4171f856cd1963df133bf3be", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4a2b72b6abff354417312d91", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "secretariaNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "551ddc331cef591f312a721b7f5f218c2579c447106d717370859180100a6757", + "source_records_hash": "4a2b72b6abff354417312d91ffdb68f4589c4cedbb6d88406dc38cc4f2ae980c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d47022ffd52edc4e808d2bbb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "secretariaNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ad244b0b0d239cc9d517d1fc40701d96785e6c92754198149dc51ba44d9ed068", + "source_records_hash": "d47022ffd52edc4e808d2bbb311835982e6a60af7eb6e38e08259d03cc75e9cf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d210758a0bb60cc8cc1ed4cc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "secretariaNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ceaf300794dbc2d95da8a50aa49363f692c5aa0f72906d61926724bb8c95efb3", + "source_records_hash": "d210758a0bb60cc8cc1ed4cc400ca0c0e8c56e13d3696a5fbdd1a3da6c98a2cd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b83ed6d75faa838b34a584d0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "secretariaNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a652686b59d0a84b11a46663432bf5e6381af356d5aae5262b1768844db0c3f3", + "source_records_hash": "b83ed6d75faa838b34a584d05394afbc2940bbde4410e0c2da094a70604b4538", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-fa573d8d6eb6e6305a1c5c02", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "suporteNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8417da06255521728819bbb9d4e7e5d5c16c49f4c3b7b8aaa987ef61a42fec86", + "source_records_hash": "fa573d8d6eb6e6305a1c5c02ac89e2d656f7879b3452545ddaa2b656a58895a0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-47a359703c3832f57e72ef11", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "suporteNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "10c6886b343af32bfc6e01636852b064e1ea988cdd3a1246289ce8a798738de2", + "source_records_hash": "47a359703c3832f57e72ef117cb19bd17f4276a1287eabb23c9ebda659c9da17", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2ac3a8f12230c256dfab68ac", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "suporteNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "03d84fdcfa2fbde36fcbaf333402bab7b704cb84b07fb0ddc5235cc1142f082d", + "source_records_hash": "2ac3a8f12230c256dfab68acea33cdf9c52bcb2cca3b6e442f4f4df4fefe0dc8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e341afdf6a633711cac32641", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "suporteNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dd44cb98c239206d1d4858a239bc2da26131b91951884e2ace8bf30aad547d45", + "source_records_hash": "e341afdf6a633711cac326415c6db8b68070d5e4a67ad65c1ad1f4649f34e52b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9a0d45054caab3ea3b375378", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "suporteNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "91ecc8b6751530441266aa76a32f5e9910aba9d9654afb98fb0af5243ca34c2f", + "source_records_hash": "9a0d45054caab3ea3b3753781dba38fd513f35649e9ff238b74472b6f0c8aa38", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3946eae3030540f5816a167d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "tecnicoNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "459cd947d57de5978f8ebb2213c469b914e6054dfb3da7eb324f0bb3b525d893", + "source_records_hash": "3946eae3030540f5816a167d6bccbc77fb85b6a25f0f23ad66bc62ba0895e2ec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-04a9dcbdcf8424191745b6bb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "tecnicoNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dd82c878f36fe2ecdb7179f182f23e09e0764cef4087cd36bf3e30950678e4c5", + "source_records_hash": "04a9dcbdcf8424191745b6bb71f49f8e8a44ad52e6c445e3a001694afe415d07", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d644e71596667f455b9a18d7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "tecnicoNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ec5066f1d6bd438fb355595fd4fac34aa931f22bb05b3a668923333c8f0e746c", + "source_records_hash": "d644e71596667f455b9a18d74320ef0660dce7dcbe907a5110824785d56dbbb0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cc6f3afc2e5ab81f9dc1ab10", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "tecnicoNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aa905aa16b9283af692bd899309dc941d8f570f9e867e4a1f0ac26a4f72332c7", + "source_records_hash": "cc6f3afc2e5ab81f9dc1ab10b0d7635a98036ffdb23ddd635aacb4444ef3bd0a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-13687fad9ed22fd2ecf77f9f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "tecnicoNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "826d5d154aa55ee7555a17bbaa9fc2d891281a016a40d27f048483e9cebcb259", + "source_records_hash": "13687fad9ed22fd2ecf77f9fb68ce2a6bef963b541a5eee50c6d57d59ba79838", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-620dd3db23cc3d828b699a02", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para platform_base/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "usuario_finalNeed", + "acaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ec8ae11c7098dcb2e69ea1fef86f8858c0df50f99d7f1d737af49ca6e5675b20", + "source_records_hash": "620dd3db23cc3d828b699a020bba6f4e0ad0b2b9f7dcdaddd8c39d0af056863f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa acao para platform_base/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d6bd394eb2b502f32d64803a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para platform_base/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "usuario_finalNeed", + "auditoriaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e9ac2f4491e4f0f8f329cf33af2472ada996c3efdba856bd71fdfab62ed57dbd", + "source_records_hash": "d6bd394eb2b502f32d64803aa244ebe7082d253a3081730f26fddfad182aac7d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa auditoria para platform_base/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-88841d254094f0f591c22de7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para platform_base/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "usuario_finalNeed", + "consultaState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "64158b44630375378ce7a050b703fee88c3b395d72a61bd6ce633b1bd4c61813", + "source_records_hash": "88841d254094f0f591c22de756727376ece1bf13cab4f1bd21c4fa0fcfa6c470", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa consulta para platform_base/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f54ed61e4b7aabea159c6c84", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para platform_base/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "usuario_finalNeed", + "diagnosticoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0362b8deae561d2c3488349313ed25a0fc9f3d32118ce9cb91c09744d3a12d5c", + "source_records_hash": "f54ed61e4b7aabea159c6c84b41db5601ecbe607d380eff9852d35e292901794", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa diagnostico para platform_base/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-58927bcd883440c2cdd325a1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para platform_base/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "platform_base", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider platform_base via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "platform_baseStatus", + "usuario_finalNeed", + "explicacaoState", + "governanceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "platform_base.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9f9e957ef6b46c895c1d14afa40b8965c70e9c04702af753a94c76e5e5627ed9", + "source_records_hash": "58927bcd883440c2cdd325a1acf024a603305b0199246be6d066615d59177f1d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "derived", + "validation_steps": [ + "executar rota administrativa explicacao para platform_base/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-38ad0b001299cdd0a3895e24", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "administrador_empresaNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "70c09fe92f6735dc05e2a78311afba28dd6b017e994babd4fc3e23bd518f1b87", + "source_records_hash": "38ad0b001299cdd0a3895e2479e43408918322317d4d0b7c916522ec94e2b6af", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fc6a9c96e0a1f828ada4d395", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "administrador_empresaNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4b2653068e23b6a29e73d1639495088efbc508a834b0bc955373c015ef4641ed", + "source_records_hash": "fc6a9c96e0a1f828ada4d395b300a470fed5f2fbca56dae064f52a627f6d3855", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0897f64598cf9c942f25767e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "administrador_empresaNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4321dc720718a64f7f2cfe35b7342c745248a0b7e206223aa3ff84eead9471e5", + "source_records_hash": "0897f64598cf9c942f25767ef368ebf3b1ca5758bf8e8e2c9d6c4c56a37a9da3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-f7f62bbd22252a0fd73b4b95", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "administrador_empresaNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "864bed0f0aac064a2407a3d76f675f511ed1f65458d9e543f62d80d07a02a5dd", + "source_records_hash": "f7f62bbd22252a0fd73b4b95928406aa7d6e8a58a694cf3c91457c9bfdc32326", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4eaedbb70cc90cb7629105fe", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "administrador_empresaNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f794938b09429301541927a6b9da2134156088389165b23c7e241514553c0eab", + "source_records_hash": "4eaedbb70cc90cb7629105fe02cf3a01defa0110bde57f193657f476dd41e812", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-230f99afbd0dcc741a527b53", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "atendimento_clienteNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3dff693510f47612768ded29a57e05a85ed9b967a1a27388c142761dcf943336", + "source_records_hash": "230f99afbd0dcc741a527b53d32cd6909458204cfa8fd8d81a81dfe272ede02d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fc1ea5c77be2b2a292986c8b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "atendimento_clienteNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "75408efa7cbccb7426aeae963e136156bc2af79348c0a713b43dc68f42d8d36f", + "source_records_hash": "fc1ea5c77be2b2a292986c8be1c42ad187a246be739effcb6a88452967628941", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-94f70fdf431a7e5b9355f8bc", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "atendimento_clienteNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5002b519f466eae7a38daa109d715c9f8b379662138dc1abef545f86279a1c1c", + "source_records_hash": "94f70fdf431a7e5b9355f8bc5bf5ff386237fd9a8d4010f479c281544ee12264", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-56f356b2010d816837f12f99", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "980b21a4c4239e56ada15522a473272d62c7bd68a53c8c1c9b149e506cf3ec72", + "source_records_hash": "56f356b2010d816837f12f999fffbe0917206e0ab2a17586d99a98b41b64bb73", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-61fd0a2ca23c7f41d79ae51d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "atendimento_clienteNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a5ace276734dc5f4cc988caa3431791e68cff0c0da7896887c188897cbe5b4df", + "source_records_hash": "61fd0a2ca23c7f41d79ae51d344643da925b97f5d1fcb239e4635fc53b12307a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9566bdb3a2222cb96e26f9ee", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "ceoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "63404a723d53ef3c96af4ca6f634c6059bac085fb732b390118fba99a4f29a8d", + "source_records_hash": "9566bdb3a2222cb96e26f9ee3770832a42998697277bd258089bc1eedab9e746", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-9d092c45bf3df2ca03bd8704", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "ceoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "da7a3f45dbdc72678c8eeac829236ccc6b40d9ba13e1bc6044441406c91bb1f9", + "source_records_hash": "9d092c45bf3df2ca03bd8704fc081c7460f5bb6bfe06a0b7ab0849a5401c40da", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-87730be971111ba6befea3f6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "ceoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "413fd764c95c72ef7e38b60179e1d04011c8324a0783c83ac0a04565ae5b6030", + "source_records_hash": "87730be971111ba6befea3f6869fb1278feb87dde1070b9658590f07c54dbb05", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4469eecaa81f0524f2647cc6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "ceoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fbda18b1bf6066cb134f85228a71b25a4b4f308b84956c2ba6884e7e11bbf7a2", + "source_records_hash": "4469eecaa81f0524f2647cc6f35c04a9f648bde8cf9fb80b6a06aeafe1a1028f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8ea3d1659b6908a507fdf3eb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "ceoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "64d8e3fa236e91a6f53c052ae9543e7efdaf1387506a84c7165ae79f4372e84b", + "source_records_hash": "8ea3d1659b6908a507fdf3eb9856f82e1865f199e5f5c9d1200759e1628810a1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-bf11e5b6a4498f72394ae63b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "cliente_externoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d837307a9109c0d2e766be326b58d77cbd8fe4c624686d4a85100e5f3eed8ac", + "source_records_hash": "bf11e5b6a4498f72394ae63b5549a46406663a403f94bb302fe000aeefa959e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-816fd1f171186e7c92cdd0d0", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "cliente_externoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c0f0d51a3143390b51099c199f3548c3a38d73ebff6b0a5a997c89b928a5af75", + "source_records_hash": "816fd1f171186e7c92cdd0d0f266b65285ca562522bf68b675c6978b53c18399", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6ed5a774705440321f834fb8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "cliente_externoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "366e077c2f29643b2ee62e784b0f9fe93b1f1144a6356957b9f687581c792702", + "source_records_hash": "6ed5a774705440321f834fb805516f58a17be5f116ce0f0e828deff1abd50554", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-cbae58fd5eb64b1cf8a4514a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "cliente_externoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8ef31b7b435e436fc6563519089a1b584679a9c09f440251685057061fd67b3d", + "source_records_hash": "cbae58fd5eb64b1cf8a4514a8421b707d7c483fbed74470ad27b645d21fb4d20", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-66fd904c37f80293f31793d5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "cliente_externoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "275ecdba52744718ac52244d0420253901c5a7b9e13d16af4c1e7dbf653ae90e", + "source_records_hash": "66fd904c37f80293f31793d5e8e3f2f59172052df4bc013f057c69b124d357af", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1c715dbb06ac377a9a814c0a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "contadorNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "888a49d9d9d318b935b90848c1c6b9b9b8951e067a2de4adc6e9e21926d40ee5", + "source_records_hash": "1c715dbb06ac377a9a814c0a1d6a5ac1ed8f6d054fd592785e0f3af11a882ea8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-71e8e922af011ca661844b3a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "contadorNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dfae29f5d13a7f3062b232a9f5d29263c2e6e4c7697c9004fd22f2d54efaa810", + "source_records_hash": "71e8e922af011ca661844b3a6aeb7e2fec64fcdb20f7abfc00d5b3eee9b40e1b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4e10ce9edda7cbc9cdaf9095", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "contadorNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4493f488875357e296cfd0791b149a0dc6f844ba0b60eb5825226d6a8d1594e1", + "source_records_hash": "4e10ce9edda7cbc9cdaf9095a0efa8d3541f4ff529bc917c892794bb3df226e3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c27e84bd7e73a64d358bf38a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "contadorNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "63f7ebf3a5c269af7ea871c9fb9d07971e27a4a7b0ee19850120374efbce2660", + "source_records_hash": "c27e84bd7e73a64d358bf38af357c6923dd743f0263f23a9813507d306f5ddae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c13249624a3ccb7341b78846", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "contadorNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "65b9d7864dd48fb7e56327a14e6168fbfd1ff64d08398a7ee78ac199fa189f91", + "source_records_hash": "c13249624a3ccb7341b78846e9b2af46609b5d0509b03b2e1412da0c802b8e86", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fca6ecaa1fcfa137261c19eb", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "financeiroNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "53230a367d2f427622f89499b43463ec6f7b41f4a80eb30345f17fc3515248d2", + "source_records_hash": "fca6ecaa1fcfa137261c19ebc655105bc8be8bc39efcd64c03284421ff84f0d8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fa67f95f46c0748ac9e6fd8e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "financeiroNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "360979f07d0911452cdd19d6be90de32f479d9f93af1102ee945da7218a5c5ed", + "source_records_hash": "fa67f95f46c0748ac9e6fd8e863b6f0995da5f189365b356a7975bb821603ecd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7cb658e0061fd8141bbd171e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "financeiroNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "381a169a6c618ed5d442ad81d7efaa2ea114d37e19f89c0a6bc4bebd95a186df", + "source_records_hash": "7cb658e0061fd8141bbd171e37242edfd51588932160c00197134f9e5bab1353", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4ba2121bb62277671373041b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "financeiroNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1de163d818b4f5c57abf6ba8bb587f29c270f2d0091831517e17aaf6a1a2d896", + "source_records_hash": "4ba2121bb62277671373041bd516ba1f5ba178962aedbba82d6afdc4c854c161", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-730fbf5673c1bdc6970ec66c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "financeiroNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8096ed49ec1396beb78d95dafb5647e657e8e8a80f54b5d3dc2373fb7fc62917", + "source_records_hash": "730fbf5673c1bdc6970ec66c117dd75cae525f0de005bbf8a0c5a08f308a91b9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1c6e54a0e1b5cfd94f4fed42", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "gestor_operacionalNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fff76e33f61cb621103246da29fa7a104ae6c1fe0718c660232053f614d65e7d", + "source_records_hash": "1c6e54a0e1b5cfd94f4fed4218d38fef4a08c1092c91ed2dc98d7caa7eccc476", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2a110e5dfb732b6b87853d40", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "gestor_operacionalNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4986566cb7ad8250a369e2405f4694ab6c4d682b50cf2c3c17f85d2b57fe099b", + "source_records_hash": "2a110e5dfb732b6b87853d40065d5228498b68524642ddac69c3661b9dc58f20", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ff692492064c6ae37d45b861", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "gestor_operacionalNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e53ae1853bdd13d4273c70a1ed0906bec9ee89701eac01b8473e0b9638c7f970", + "source_records_hash": "ff692492064c6ae37d45b8610351e201d4479bf693477cfba78ea2e21d768d4b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ba85aa8ac5cdeff2da2ca4b6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2d30ae45074d770fd4b3c2249f6fd62254be68fa5a304d6790bbc491e6f9df51", + "source_records_hash": "ba85aa8ac5cdeff2da2ca4b65a0039d146d9321d1f98f5227d772afe65463522", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-fe2976e7ffda9b416ff9004a", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "gestor_operacionalNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "26e1d3fbaeb2b17032e428a7e50fef0dda3e308ff5e9566feffa68c1176b1d1a", + "source_records_hash": "fe2976e7ffda9b416ff9004a973a9b7e139dd79484180d3b45ff39857663bf30", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a9572c37dae928dc04a5b5e2", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "juridicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "49ba710109b2536118e00a2ae2c948629321818c8107b10be4b16fb9c1179fc4", + "source_records_hash": "a9572c37dae928dc04a5b5e296a2a8a4471cbd48650b6b045a03a3d02e98d5fb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-13f107a84bde2a940751a025", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "juridicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "078762a0afa92fbd37b927ccb8e4aef378b2f40c38ce80e6787f497feb5d182d", + "source_records_hash": "13f107a84bde2a940751a025dd6bf0c61920690731e9548fcd1c248144ca9179", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3ea300317e9980ac854f6832", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "juridicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c7e5c74c4311ab7d9a2ebf436431ec5c2bd2ff83b1de0af1f59d18e44f9041ad", + "source_records_hash": "3ea300317e9980ac854f6832f10a814bd272f492381f07e56a35b04be76fd8c1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0168e9f0b9d118de035f435c", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "juridicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3d3a4e569b425f94adc2777254f59f75852115614d388ab85ebdaa52ecd4b302", + "source_records_hash": "0168e9f0b9d118de035f435c97933e2ea0d127fc4aceb77254b7b349d1dc1ebd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-eebbd28ffb8a987d430b89cf", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "juridicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6ec33673ce7069d8191b735a1ba6edcc43ea8be92c6ecb99abeeaf392a98effb", + "source_records_hash": "eebbd28ffb8a987d430b89cf4eaa6b619cec3bf6236fd7e5d3188147e7c77ebf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d04b833573d656a71ec26e58", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "planejamento_estrategicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "da95dddec1ab03de25da42a8bfbfb2b46a47d49e2260b70ca678d4450a4f2185", + "source_records_hash": "d04b833573d656a71ec26e58ccd72e93b57c2e9ebfccf2eb4063049f7c598506", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-45c51ed8fdd0477b74c2a0f6", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "08e7c080c0bae7846e823c926cacd52a6522380de930791dad54cadc8acd6a99", + "source_records_hash": "45c51ed8fdd0477b74c2a0f69eec16539855b3a70745125341007ffebd5deb0f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b9cbe387c4bbbcbfe2482e29", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "planejamento_estrategicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "68cd2fad8eb4665001393700f6cc0d385576abd0b09066ffa483d694a5d2746f", + "source_records_hash": "b9cbe387c4bbbcbfe2482e293d0aee6abe3ff328dbf54ca93eff368c60b958ec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-47489c60d1e69f88350c6b79", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1f3bfe16778bbc951c8ff57107b39cff497f88d557ae4ae0ba26ae249af6127d", + "source_records_hash": "47489c60d1e69f88350c6b794093beac34c44d2e882db5e60e437e2fd768ffbb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4463d2fa972a1ddb5d80fd79", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9a9808491a9b7426788a93c37084fe03772471df82083f057d75c8152f908058", + "source_records_hash": "4463d2fa972a1ddb5d80fd795dcf8afd0915cafb3ccc69bbfdba8090c4e24ffd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d535086775a5109b3ab44c6b", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "secretariaNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d0dcbbc16ca469178d06c3bd20e64d6ee456d79264105ac011f45ef05468cbd6", + "source_records_hash": "d535086775a5109b3ab44c6b1dfe804855b139e1bf0d655fe3b5e735f0572e39", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-25246b31471c1e71dbd9e8a7", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "secretariaNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "010b02542b90f592098be5d818a43b2020e5a5bb7cdd1df36f6210cddc3fb526", + "source_records_hash": "25246b31471c1e71dbd9e8a73dbbbd80c9e15cebd350d6dc5b498e10bac83a2c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-af12a24a4d0ad6a86a2e5460", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "secretariaNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "235d7f1af458289569a0b4eb2d4ef563e7836a0fa9e08d2d979791637dfb3481", + "source_records_hash": "af12a24a4d0ad6a86a2e5460e828c9121860a8a3f4f584367e4a46309c76e140", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4c8d69ed7ffff7e179858090", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "secretariaNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e7fdb0ab5a2489785eb0fa62a2521d026435e971afd13c46e7714ed590d94004", + "source_records_hash": "4c8d69ed7ffff7e1798580905f7a5ca92da50ecf3e2e32cce848d6733e99bcb8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a1c44badc8968abcd78bf340", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "secretariaNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "9bc32a484a045703848ba0dd613ce47c0f17a9f6ee8f340360f9bd393ddc852f", + "source_records_hash": "a1c44badc8968abcd78bf3406eda99d29fcc5d5c3f8cc68e03fa1af3d2e6fd30", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1b7ac7edfc0c36a89ce9f419", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "suporteNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c70412660e7f4927468a561f2ec42e8f4d5460aecc20464ea1923875c7fed756", + "source_records_hash": "1b7ac7edfc0c36a89ce9f4193772d21dde5b4aa85586cd6b9f45e7b4f9916142", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2d4daccd7553b55a9d5fc4c8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "suporteNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "619538438123090f0eff2d8d5c820138dab21ce2dc402fa4f4cb552b13efb72e", + "source_records_hash": "2d4daccd7553b55a9d5fc4c899f86e18e48fe59cfdf5af1d6dd4f7c563690e42", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-626c9e82bc4bc38c5d7ec216", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "suporteNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5901eb525ddff266c105caebf274574f14b8d8159b416697ee4257d66fb24c64", + "source_records_hash": "626c9e82bc4bc38c5d7ec216e9a65039343fab5995b70ea7378c562a801875bf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4d68e540040751dfeb000296", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "suporteNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f72f4cb37b0d5ff5cd16ecf1bb03ab1ca94e99639cb45249b398918733bdbb64", + "source_records_hash": "4d68e540040751dfeb00029646d8a345350f3cf82da394fc409b91b309794782", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a97b982b55b2155ae7628371", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "suporteNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "573a3facc0653b18c02c51b157cbe41f73d502e72a479410872a4248fad17b58", + "source_records_hash": "a97b982b55b2155ae7628371a5f5c879d5d64aa54c28ee1e6aecc649edcc52c2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0b155e6c901bba3f772d55a8", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "tecnicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c2f06c32a949282fb792e3dbe16407d674344f742bbceef2423475b2fea86c60", + "source_records_hash": "0b155e6c901bba3f772d55a863ab62ee1c016866a17f98262ed4ce10c7174509", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-73725264061aeed93ccbd02e", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "tecnicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c2e1cd8f0b62bb1240c462bcaef0f927038e9859ecf39d936ce31ccf7a5ae4cd", + "source_records_hash": "73725264061aeed93ccbd02e6b0056fc7296799f6b13573b950865b4d99ae776", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6bd37868fc9a15837a8d75e5", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "tecnicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "444f30c3060dafc720e17edbf2292475f735ed188fbc0f4e58cd7da266ba5871", + "source_records_hash": "6bd37868fc9a15837a8d75e5eb5558d6fbde8bb721e57609b8056aad5b75899e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-131ddbb18706f5acb8725584", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "tecnicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "94f7e575f7bbe66ba0fcc278c2abc4b40206d0bdfb581a51ddf814605425fe25", + "source_records_hash": "131ddbb18706f5acb87255848caccfe00d2c6e6b64b982259a1c3615b2a7649c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6429f33f2d5734026864c560", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "tecnicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d49f09e28e0563512c256e791de46e3a426f29e7add1e9bac357cd9503eda4ae", + "source_records_hash": "6429f33f2d5734026864c560ba291fe30ec63750e21a0b65870fc832fa2ee93b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-536b13d24535ada15101eb35", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para public/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "usuario_finalNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "36c83cf866bca1c10cbf35fe8284b4dc7e6fe21e9e774f1051cec821d0322492", + "source_records_hash": "536b13d24535ada15101eb352117b6c5983227d1a1072d726d58d8d1ad0e2b3c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para public/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8967a86e3a70ccc17223d7d4", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para public/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "usuario_finalNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "461dd49af3b5ae7a5f4cc7fcf3a5d0517c2c182f7fb1ffa191bcf884c8e0de77", + "source_records_hash": "8967a86e3a70ccc17223d7d4bd6a9da219ecad0219c8b6cdb82588c2430372b6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para public/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7138eb3da2a65867274c4a8d", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para public/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "usuario_finalNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "685d986f51f1028172a18ac1457fb7dca8ba05d3ca215bce660b2c1f2ddbfe94", + "source_records_hash": "7138eb3da2a65867274c4a8da52fb1806e165d84064122dad7af9e9cf71a1b6c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para public/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-601a5768cde734540f6d3cb4", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para public/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "usuario_finalNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aa3a01b3de6c6106d2b8d7158e120071183b8116a51838c72cda210a263d1e0c", + "source_records_hash": "601a5768cde734540f6d3cb4452f40fce85908b215410165c01ebb01420c8324", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para public/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-23ca64922a9da8632be0ff21", + "gpt_explainable": true, + "maturity_level": 8, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para public/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "public", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider public via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "publicStatus", + "usuario_finalNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "public.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "da74980759f61f21861d1659b0f5de86faf452972121ea0aa6e02d6627df4adc", + "source_records_hash": "23ca64922a9da8632be0ff2191e8d92e8a6f6d2286902cd45f8782c355200842", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para public/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-4e0cfc003e1cabf6251d0030", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "administrador_empresaNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f942b3479d2ea9868a787649cb55fc4f9c1a4be9d64e275819956be35e6dcdf2", + "source_records_hash": "4e0cfc003e1cabf6251d0030e092813043c107b403855132a0f61aadd37db3de", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-77b01b5d2e0edaed11aef5ff", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "administrador_empresaNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dd3de43418934c8d40eca49a55cc1a3dedc8ef24765e60e055aeabfbcc56f02d", + "source_records_hash": "77b01b5d2e0edaed11aef5ff3ce9d53a742ae91d79f9f09f9d4ddd711dbe6d63", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-288d2d7101e9457a3f7bf0ec", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "administrador_empresaNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4f9e090ebeb9e0a29967552c759a5c2b835618a8c2a8cbea2cf160adc7ceb526", + "source_records_hash": "288d2d7101e9457a3f7bf0ec7f69d522020f5eb9b5115bee4a23845f802c8f9b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a1af6896fc2e71f91ff4b8a3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "administrador_empresaNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b36a0a11d9d438e2600706d3859bec74216ec8ae37c6dd974c265c25ae1418ff", + "source_records_hash": "a1af6896fc2e71f91ff4b8a3f4479d93cd8167f30e8c29fe2c8f271341b240d5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6b85cfe4d922b86f042a9ffe", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "administrador_empresaNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d6aa11cd4ed0e5c3823525bc03bc4dc683d9904ec21b4a603206b0e20ecfce5c", + "source_records_hash": "6b85cfe4d922b86f042a9ffe075f87b80e597b35d4dbc89dab196016a122e9c9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a18b1c6425ce27255b32fce5", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "atendimento_clienteNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4882816c48d7b482a299c8e6ca6e7e2e508988a572a79f34b2de0828e8ac57cf", + "source_records_hash": "a18b1c6425ce27255b32fce5873510427ee347a93920a675b66e3137bca4503f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-669c52d358d44bd081f7912b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "atendimento_clienteNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4edb25c47e74f02fd8c495cbae82b603e6c524e2ca22e88bf1065758960b1f0e", + "source_records_hash": "669c52d358d44bd081f7912b211e232c75510cf8afa6d9255c15349096c0b6f4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-81f471ea333879874d44c710", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "atendimento_clienteNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1dcf7aa246900d75339011b49d8237e606d2b279d8022b7743179b12afbb8550", + "source_records_hash": "81f471ea333879874d44c710e14b9ac622fced4a03c47ae07bea6c5d9e515a49", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d0a3b492bda2e137e2d539cc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "91175ff136d2ee9b1bc0f93485ba9a5effdb2fb937b586f11bb2ed1bb5c9d501", + "source_records_hash": "d0a3b492bda2e137e2d539ccdfe9d38c614c2ae9910f2c209dad6e136b5f9e7c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6bea8f174837edf1ebedffb3", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "atendimento_clienteNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a23c675e51d4039ea44cb009b8d67e78ff7e590cc47b06b27744cf31084d0043", + "source_records_hash": "6bea8f174837edf1ebedffb3355aa23cac10461d418a5e5a98e49eefaac45fb2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-dfa38d62c54b14873588322e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "ceoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ae3e54ca290caa34502dc044c16312d3798fdc81886677a96bdb83b5f9a1b081", + "source_records_hash": "dfa38d62c54b14873588322ec47eb064c2ada50f53f5cbc8468025e0e73c1015", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ad32707acf1a4764020f329d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "ceoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b68dc7911431e411192047beda06b2a4020cb894226693bc0745d61b6f4ad3e7", + "source_records_hash": "ad32707acf1a4764020f329de6c31ef77bbf2f4a805e1a46f742180040d12a50", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-42cfe0f3803bc873b21f9cfc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "ceoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "93df80dd0b073110a4d7f898519bf6c9d64e64979909e1bc59f2ee558bfe3000", + "source_records_hash": "42cfe0f3803bc873b21f9cfcdaa2ace1443cfe9fceef127b4dd4505cde7a8008", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-dd2129db81fc1fdf2c0d83f8", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "ceoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6b1d23b618d3f2da674d0c49961ff15b80a49e9f401e296237ab3ba8efde7f68", + "source_records_hash": "dd2129db81fc1fdf2c0d83f843b7e7429c98791a693b993c2d7b8558f5b6291d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6fdf4a4863b4011e5a23f294", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "ceoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "863c155e12542d971d161f82f00307755fceac273839b611f82f37edde5ef319", + "source_records_hash": "6fdf4a4863b4011e5a23f294ce7381c74d7db8c99a660fcc004ba04c675b28d1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0ac937cdd1f5c9336c631cde", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "cliente_externoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3b713627d9be0fa92c4aab5eba12d1c6d8c7d80ef6aed43ed72e92cd1fc88854", + "source_records_hash": "0ac937cdd1f5c9336c631cdec7e1769f151a6f8da3a968fcafe67a765658242b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0689b028d265158d0ca61fe7", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "cliente_externoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "fa77d41cc8ff22292dd0ada13c3475e85bc6c4574017a0faa875f261a550eb6f", + "source_records_hash": "0689b028d265158d0ca61fe74da7f7ad445d7fc5957bb0e0c5d0669778bec305", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9a711d03769aa20ed7fa11d9", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "cliente_externoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "677732d13b08ed0cf126895844719354a8f01783b08fefe966aefc9aa6493f71", + "source_records_hash": "9a711d03769aa20ed7fa11d9bd62f2f4255a0e7026807b6f8d53a99fef2a048a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d4e14a224577c50f7273ccdc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "cliente_externoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "559447c8fd6aadc1b027280cd656db945eabae4e8c90f94c2d0a75cb6bc9273e", + "source_records_hash": "d4e14a224577c50f7273ccdc070922ebe5a86165716a9a58cb06b32d4c1d0aff", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-cd9b450a69d6cfe7ce59f42a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "cliente_externoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aef766eb421c72afb216255c889b7fda28181788e1f3b0873d541847ca180f01", + "source_records_hash": "cd9b450a69d6cfe7ce59f42ae9b4129c4cda084eb9954cffe9bd902365735d12", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-e186ce79de6625301f7b16f1", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "contadorNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "660316de899817eda996d9b5597ec816a571d9e5e6168285121f17f734be45a6", + "source_records_hash": "e186ce79de6625301f7b16f1b62062608e7c69e642f783024868d028fef8ac62", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-47ade196bf0ccfc76ee2cb3c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "contadorNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "5a3190343fde406c989fb956360ed2d2136133037ca581a486d170cbe41cd601", + "source_records_hash": "47ade196bf0ccfc76ee2cb3cf5ecbdd1b46fe8b050e2b919cf88a06acd3d9a2c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7005161bf67ac2f61a8efbe2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "contadorNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a0199751ecf897e5b9d80c2ee87b511d6926a6358b9504ddb156542aa287e5a3", + "source_records_hash": "7005161bf67ac2f61a8efbe200b6405aa091009b1fbaa7f212403b6d13ae6508", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-0f833de0823eb3b3b731cf5b", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "contadorNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2c8f82bd5fc97839f4bee6dda092d64f89fb784e8609f48142380ed267753763", + "source_records_hash": "0f833de0823eb3b3b731cf5b47c193d087cb8f997f2c7096a972efcb78d7e73c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2fa7b7e80dd8807e70541f74", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "contadorNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f83e9026e8dc69dc3b78fec8a5b49bcde22ce7b6c6cf136557809a56e4dea8e3", + "source_records_hash": "2fa7b7e80dd8807e70541f745e12f989cd397d202c1f3b34b46eb1ab12641fe9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ff8677bd402f7ba374c88189", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "financeiroNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d93f1209945f4f06f21ccdd2080183b51a890fa1ecdf15e7b68ba3e6eb251373", + "source_records_hash": "ff8677bd402f7ba374c88189c13ec8010b8c89756365a777e0fcbd95a1ab9222", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7a01348301df92a66c028cda", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "financeiroNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8503054131c5e039b568b869df5073168f415661c4b4139057dbe8ed66e2cf03", + "source_records_hash": "7a01348301df92a66c028cdae0c18ba44b506fe2337aba9903a2ab7fdae6e305", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d0929af76b9cace0275146be", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "financeiroNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f52704b3990729074dfd0717fdaab1f3478058ff9bec43068a3662e3d6d89656", + "source_records_hash": "d0929af76b9cace0275146bedb0f9630eec3d8f478371791a8e70f34138bdbc5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-860d4b0c075982ddbe8c7f31", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "financeiroNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ea9fa8ace0dcf4c723f4f7e63cbb21ab5b11b644af561595ad6da0892b65db1b", + "source_records_hash": "860d4b0c075982ddbe8c7f31b369da3b4a63c8a19e403bbab887771f31b0fb6c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-18cdbb5f40e56a2048258a7d", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "financeiroNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3d37a9dd02aa3abcd05265229a1ed31c99ef24473fa96dd947725dde8c84a7ff", + "source_records_hash": "18cdbb5f40e56a2048258a7dc36478ef2242d6af89718fa24ec0448d06a0c2d9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2dfa8bab03a8922a4c75750f", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "gestor_operacionalNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "627456df71148422e50365ffd5cced4d210da8ce2de4089297f49a59dd73acb5", + "source_records_hash": "2dfa8bab03a8922a4c75750f97a8759f759e13913c5a850cbbacfda65e327cf5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6db9b634827319486e4b2540", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "gestor_operacionalNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "95899cfdb48af2523a893ac5dad9523e84d65b3d7b9ceab8ab5ef0742096881c", + "source_records_hash": "6db9b634827319486e4b25404dda9372f0cf0ff2c4a98f0e97baf8848bda2509", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6b3d7b5db9a7a13ebc146185", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "gestor_operacionalNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3125cc04b65d093c53beb4f6fa8d36d625fdca64eaf3c10bb9435e4aca13c031", + "source_records_hash": "6b3d7b5db9a7a13ebc146185c5c9a3410ccf92559200caca74e620c04c23c2c3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-ca70a23586930e81e8f3a3fb", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f62aa8f7a39df78b8eceb892b636c7ac56ea435518852e4f2a6a06f748b96b7f", + "source_records_hash": "ca70a23586930e81e8f3a3fb4f8991dd4f0635314661f61dcb68132436916180", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-85fd3f077cdeea901083b945", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "gestor_operacionalNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7f0d3fd107a1ee5e0a0ce1416315a9196d7e6b8e6ec004bbcde6e429785c698c", + "source_records_hash": "85fd3f077cdeea901083b945220cce73e111eb5ea18baa465465c6ebf77b30ec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f5a75f04deb147138f6dc67e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "juridicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e6976faa482f37dad8313eb7945d73b431cb8bf9cf2858c05dc7fb7da6b6354e", + "source_records_hash": "f5a75f04deb147138f6dc67e92cf21d9f02eefec88e3df0ea63fbbd4c155609d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-aa496f411fda525e152fc4c0", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "juridicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cd64fbae63648fde5af08a4578aa714b9a95ed35165e5535788997427025b9e6", + "source_records_hash": "aa496f411fda525e152fc4c0a7016420fe9981d1497d58ed8b022d992529d7ab", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8d35b07ebb898a699954a6e8", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "juridicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a0f8b381ecbd464cf1c75f7687ef0ca0904eb1e003884716442f6d5f85f796e3", + "source_records_hash": "8d35b07ebb898a699954a6e83d04ab53e9b76b17410335152cca5e2e88c4c821", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-79f64e5e3d4dbf29e771b294", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "juridicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "84b70498de51a0a8b93eacb9b82180b47a4499c361306a178855c89d102f944b", + "source_records_hash": "79f64e5e3d4dbf29e771b294c234c9aa6c45ba07c28bf4e689524478b7ebac8a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b04b77fce731f92088625cb2", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "juridicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "be25b653e33be1317fb6b347139f46f096128cdd49b71deb27adda66d4e4d361", + "source_records_hash": "b04b77fce731f92088625cb216eff263615dd4dbec734e15a5e903df286866ae", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9200c612412130ec480c3d42", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "planejamento_estrategicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "0f319e5ffe73884543d8a7c50f0b0fb3aaa949c55d56429be4e1f0e4cf3b0a1d", + "source_records_hash": "9200c612412130ec480c3d42a38a3bba5b1798564053c7c0b7e0d58866d3c041", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-6b5cf0ef7c6db89cf102209c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d8768f447d1397ddef8c2026794d8d0a06a4ab66bdc7f0b2ee5025c23b02a09d", + "source_records_hash": "6b5cf0ef7c6db89cf102209c6cbe8fbbed248a9f6350605d0fe75c0d4e204578", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-53a05f50b30b97596a39d06e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "planejamento_estrategicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "de35c673bdfc2630048328ab8c26f2d68dc5fabe179068d06061bf14d11b43b1", + "source_records_hash": "53a05f50b30b97596a39d06e4baa45fd36153a9ebd0d24044c0db69688d8f087", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f5548c0f6384242ea4db6f11", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4d8d38fee0cc91a6e496ad8a81815c9b42ff37466afed9b56d9c34379544517c", + "source_records_hash": "f5548c0f6384242ea4db6f11a28c50012b0698d62e10d5d51386b09ec54cabd4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-b36cbb7bfccbb44738388b97", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "80125235efe4f0a420ea073b1546d86944249b761e4a4406c47c082bfa6af2c1", + "source_records_hash": "b36cbb7bfccbb44738388b9719586d39dc2a6868c758dec2e6d7f1b0738934ec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d2f53926bed354c0838ac27c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "secretariaNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7f56b9c4da303222895de2a4a94a4d175d5831bc7b501f5c7de21bd53234e604", + "source_records_hash": "d2f53926bed354c0838ac27c7498118ecac4e0cce32e45d5ebbcdd0370cd5f3e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d8f8006ff6f70544d66a6820", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "secretariaNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "36d3577ad6a496e4108671d1f00b4d24792cef31365ccb6c70e8dad46df59875", + "source_records_hash": "d8f8006ff6f70544d66a6820030d16adc297bd71de4b6e35ef5909d77c4be2d2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-28176dec003b02ff854ca194", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "secretariaNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d6bdc440412b0f74b41128113f83facb70305dad09ef295b8e1353ef07a4f923", + "source_records_hash": "28176dec003b02ff854ca19401bc68455aa4f4b01503f188f20bc3138a0a970e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3c1e1125c8a16a7d04573526", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "secretariaNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bbf4e09973df4c4e54655245821cf5b36772561de2de9356d0433eee2f01e419", + "source_records_hash": "3c1e1125c8a16a7d04573526b9d19729fd762f013481dca5fedd4113b476df83", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-bc1e47840cd352bf2ce3ffdc", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "secretariaNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8c158cc97165072ef2935c4f47c36bd5923c780f658183c7a4893256cf45f1c6", + "source_records_hash": "bc1e47840cd352bf2ce3ffdc6f0f7b8503133dcf6abe36ccd4b600cb9567d118", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9eb7113327d4856d4f2496bf", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "suporteNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c79133cb8afd0e7caaa5625b2494dab233962b4e1e6a551d062301d25f6efbe4", + "source_records_hash": "9eb7113327d4856d4f2496bf6341d5c628d22db68d1d93d68d202cdde3a3ec2a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-9ec7ad461ebb4a4cc3fae863", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "suporteNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "74b9a33da832c626dc06d4bcee58d72cc4fb715033766f841233794d51996bb5", + "source_records_hash": "9ec7ad461ebb4a4cc3fae863c0478b5e93a22f014541bff7953c3e927c08437d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-c1bd663e9348826e92ec3344", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "suporteNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2975f68a034fe87569f6e6b45f48cde33d0c566c62300c27d6f6d97c28cf4ff3", + "source_records_hash": "c1bd663e9348826e92ec33443d105b8f186c8464e876414c11305884669b1997", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-8d7362e543b8905cd16cbe38", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "suporteNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "89fad6d73c229772980922b7a9f92e752c74f20cb6877685ac8b0d7d040bd861", + "source_records_hash": "8d7362e543b8905cd16cbe38d42fa30f6bd5a0d1149b23ecbe5ce51a2363d88d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-3e349eb510a0f59f533fd696", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "suporteNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "710325b1242485b0c2bcce09eee171d3da0a3dc3637c7830e7e4ab00ffe241d4", + "source_records_hash": "3e349eb510a0f59f533fd696b8e3fc3a4f0a9828662e9fcbebf70cce1714411f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-d6bea2cf279d0337c35f5d40", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "tecnicoNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1cd1245c6f35ff4b3fee87263c7cb64065c1ece56b1fa3aa1b8e9222cd9de5af", + "source_records_hash": "d6bea2cf279d0337c35f5d40dbf915c53a4ccf0e39bdae894d458400b57c1136", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-301f2d4ad7236df3fde1fa54", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "tecnicoNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d4bc88f922e05d997a2c4d0189b1e44226c8fc45113e11f60b8098031fa20bc6", + "source_records_hash": "301f2d4ad7236df3fde1fa54a806c6138fbe11276d3c56445ddabc26c9af2b57", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-2b12e9ebb344d2795d6a4832", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "tecnicoNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "162587a4e3ff5ff6054fc2af44b28965172d37244504eceba3230a5da85f0070", + "source_records_hash": "2b12e9ebb344d2795d6a48327eb40367911b352b770ab1ef11f515caf8cfb003", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-7ca964e198c04aa193ac1a6c", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "tecnicoNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "84381237fd0dc95dbc7c8b025702e052c6b54761d4bc14bf479457f6ba8bd70d", + "source_records_hash": "7ca964e198c04aa193ac1a6ccd2099abfe1d9cac3faed7b2cd595b3bb988aeaf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-a7d5838e287c4942c30f3a8a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "tecnicoNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ba921efa97e0e74bce22d0b9a506545ba8c7664dceae7835e4b445c3da7127ab", + "source_records_hash": "a7d5838e287c4942c30f3a8a019deb42c2416eefac612399b08be482f89bd883", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-30043a4d69795de8d14b311e", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para stj/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "usuario_finalNeed", + "acaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f9f005cf873e7ad9687c17510606ef82ad6cef403db9e1ace206b8fa66e38f9b", + "source_records_hash": "30043a4d69795de8d14b311e11eafd7295afd43f3c8e4d0cba0727f19c37e47b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.acao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa acao para stj/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-15e1f4603bc3badc78d20810", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para stj/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "usuario_finalNeed", + "auditoriaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "40852849210700bde4219e117447d60656153b7e7da3750bb2b2fa3835e6d615", + "source_records_hash": "15e1f4603bc3badc78d20810bfd60ddb94e80a735e5375511381ac9d16ef9a91", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa auditoria para stj/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f04caf9756a62e39a382b150", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para stj/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "usuario_finalNeed", + "consultaState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "82cf4b1a4a492695fd66da59c11d14ff532b7c1d1cf877a3da3de39a27824755", + "source_records_hash": "f04caf9756a62e39a382b15040f5b7804b4327de0ff65ad6fb10c03c93ac3deb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa consulta para stj/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-caecce7ff1779ac607198784", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para stj/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "usuario_finalNeed", + "diagnosticoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "cabe5e5f240ece6d64add3b363462c290c160a1329b32580e599fad236d4a936", + "source_records_hash": "caecce7ff1779ac607198784ae3e2410a71680800aa055bac6574953f6fffa97", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para stj/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [ + "maturity_below_8" + ], + "dry_run_supported": true, + "evidence_id": "evidence-f6fa9feea864797c48fa953a", + "gpt_explainable": true, + "maturity_level": 7, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para stj/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "stj", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider stj via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "stjStatus", + "usuario_finalNeed", + "explicacaoState", + "legalGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "stj.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1b6d35a0c63c48092d75268dd48e7b0734bbf20fec8ec870ae96fc5b24d377ef", + "source_records_hash": "f6fa9feea864797c48fa953a876cfe5dd64b6c21e0013b21ab59057696e72784", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "partial", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "response_ready", + "validation_steps": [ + "executar rota administrativa explicacao para stj/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-acdd29b6dbc2bf21ec218165", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/administrador_empresa", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "administrador_empresaNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.administrador_empresa.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f2d650fefdb03f5c2a6814be1442e799da2e8616123c15d75f7892343c4965e0", + "source_records_hash": "acdd29b6dbc2bf21ec218165830b825c9e4e5117358dd36227b4b833acb888ed", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a210a59407ffe78ee7afec96", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/administrador_empresa", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "administrador_empresaNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.administrador_empresa.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e6390c975f788e8ab50df80a1ecfc53d4cdc215b89550e9ff2e9e70a36f34251", + "source_records_hash": "a210a59407ffe78ee7afec96122f4c3ff77b6cfd2a526953c3f19e1769860d6a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-69ebc5c0fdde786509642367", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/administrador_empresa", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "administrador_empresaNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.administrador_empresa.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2e69434298ce0c278d2d69dced5771f5a85bdc02ad308fd086dfc8c9af463163", + "source_records_hash": "69ebc5c0fdde786509642367e6e0fa858b7f8d47b1cd19ec90aab70fabcb909d", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d5b84a8f12f97b9f44f65195", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/administrador_empresa", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "administrador_empresaNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.administrador_empresa.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e614176656ffcda6eef18a23bc2f3086aefec611855ccfc79e4e6b4e0a7dc16c", + "source_records_hash": "d5b84a8f12f97b9f44f651953235b25c789f2052fc3e2a2d0f2f2bdb992b2d8c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1d7b3e228c181a4b4258ed4a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/administrador_empresa", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "administrador_empresa", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "administrador_empresaNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.administrador_empresa.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3e787b5ba822af9c2279068599d41386a7839e3a00858810c570ba9b52b85343", + "source_records_hash": "1d7b3e228c181a4b4258ed4a128be071a6985f6ef00e7cbb2e0ccbaad18c3e70", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/administrador_empresa exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2922ec5ef3d693ac90e6bf24", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/atendimento_cliente", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "atendimento_clienteNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.atendimento_cliente.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "07cbb1fb2a619006e9976623bd4d02da0b4a8ce36c891b07b3d2273c4a6d4ca1", + "source_records_hash": "2922ec5ef3d693ac90e6bf243a0bc2033471dd4c162b0f1d22dd95d98efe0fcd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d4ecdf56af2c2ce5f434d0d3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/atendimento_cliente", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "atendimento_clienteNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.atendimento_cliente.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "abd625535a0624ebd750b6df4013c8c372c127f3e89cfcc5fc1a4be8d07ce78d", + "source_records_hash": "d4ecdf56af2c2ce5f434d0d3bef4969e295d54cb39257580367738a2f1561105", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4c116aabf7abb9368dfa3144", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/atendimento_cliente", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "atendimento_clienteNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.atendimento_cliente.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "4ea27bc9a761c52159d0842b97a201877000bed3b9e35c8ad9f99ab28826d99c", + "source_records_hash": "4c116aabf7abb9368dfa31446e88d21563829483e1986ff12e03721336140dd9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c5de490727201f52d253f875", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/atendimento_cliente", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "atendimento_clienteNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.atendimento_cliente.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e2342fc6046297ce49a75c8058ae8f71c7c5ed98f50c9c8c58eace3794d9a175", + "source_records_hash": "c5de490727201f52d253f875c37c38948f1f1cc1ecc54254c5a09906e706f9d8", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-32316a1899fb597300b35b93", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/atendimento_cliente", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "atendimento_cliente", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "atendimento_clienteNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.atendimento_cliente.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "363dc38ab5b69db9acdca3988e5d0ecfaec17983e328d8207e10dfebdf62a827", + "source_records_hash": "32316a1899fb597300b35b9310d9f4cfc882e8f6b0db8d2397f4600226abff29", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/atendimento_cliente exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-543f874573af334d27d2f880", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/ceo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "ceoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.ceo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "45070e143dc266e90a139378155bd40d2157eece498e534688b50458cef072c2", + "source_records_hash": "543f874573af334d27d2f88033d12127c829130f38f926d675b8046bf0373f97", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-141de56469a5f2c7bfd2ca4a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/ceo", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "ceoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.ceo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1da080993a10da7968c13451ad13c5c12ee112dcdcc4df77a56b1a7fd2d941aa", + "source_records_hash": "141de56469a5f2c7bfd2ca4afea9843a70a189e1304e7f8c6c9114ae6a3573ba", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b64e3df6cdfa9a2fc1d3673e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/ceo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "ceoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.ceo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3d0a712be3f8a4a9e81b1e372c634ee4227d37e92f4effbd339f098419540fc9", + "source_records_hash": "b64e3df6cdfa9a2fc1d3673eaf4ce11e365ed1ebf9550c2b0ef6518c20189e0e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0377ad8216ef33b4f9fe7fd4", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/ceo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "ceoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.ceo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ed25307d5214d5e2847ab37515ae77512cb290152b6e59cad46bd71ab83e85dd", + "source_records_hash": "0377ad8216ef33b4f9fe7fd40aa15aef071b2a544d78f980fd551ca390f171e3", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-78a213be246b36c5c0159f7d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/ceo", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "ceo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "ceoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.ceo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1fa32f4d86307fc0070f63400c391139eec683f1e34fa7d1ce471508807f062e", + "source_records_hash": "78a213be246b36c5c0159f7da6dec3d11f20cf636c296855f39f74b35f4015e1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/ceo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-632c60276b35d32f75222984", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/cliente_externo", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "cliente_externoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.cliente_externo.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "bd6c387d1d49744f48c565a102d5f515e36250c409095f6cb6a4a6b68c208d24", + "source_records_hash": "632c60276b35d32f7522298479676c4c5edae2a76020eaaf1408989b2caf6276", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-aa9e0a295646bb65c8f6ac29", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/cliente_externo", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "cliente_externoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.cliente_externo.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6f856a2b3d971717031fe412b6abbbe9a62ec9ffb5594b7aea6ecc29b5a28f52", + "source_records_hash": "aa9e0a295646bb65c8f6ac29360fac53319ac2f36e84da9096a357312ae4c4e5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-c8094bb84b276fb3f281bc61", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/cliente_externo", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "cliente_externoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.cliente_externo.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b78d62ee86dad4fa23beb74d9b49585f845307815656c131633f0ca3efa6b337", + "source_records_hash": "c8094bb84b276fb3f281bc61e663ac3866d9f18c46dae755b599edfd7439728e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-901df1c41a7007e6748f05ee", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/cliente_externo", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "cliente_externoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.cliente_externo.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "859f3c41ca61df77ef4d08cb105bd3e3636f248dd3547c7235db2a28ebdcae28", + "source_records_hash": "901df1c41a7007e6748f05eebef87bab31e230b33fa5b0c5744deb43c43a42dd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d0dc75609ed1f5e71e89d20b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/cliente_externo", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "cliente_externo", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "cliente_externoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.cliente_externo.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d1e329cfd0e8ee7176afa6f132c00a8c403f178ab7cc061929d70ae42c88a130", + "source_records_hash": "d0dc75609ed1f5e71e89d20b11b2b6cbb8c885150bfba10874eefe25d05b0961", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/cliente_externo exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7b2c4575cb7a81cb5dd41c5b", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/contador", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "contadorNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.contador.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d8ce56fb58f2d16cc80a537418ff139788cf6053180130aac43bcf7667680640", + "source_records_hash": "7b2c4575cb7a81cb5dd41c5b6e089c66c037887906386d6d5ffd39aab7041316", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-34d38a3765c51b0d43bfd25a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/contador", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "contadorNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.contador.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d9053790e41959cac1073338defd641ee638d0268800a527dc9685376b4315b1", + "source_records_hash": "34d38a3765c51b0d43bfd25a28ff9dd461dd24306ae83f3da64b12a452adaf2f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ec45905b9434b0df89f685b8", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/contador", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "contadorNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.contador.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2e0eeb28642da383f005f18931cee288cbcd27469d37609cd218ce6ce6eeaead", + "source_records_hash": "ec45905b9434b0df89f685b846bf149bf60c7cd4dbd2d36b9d1a59e81e93017b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-55c938a85db15750833ccb4c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/contador", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "contadorNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.contador.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "27cb90194ae00af5a7d4a9fcaa1235fec5b51893bb8f85097bb3b17ca2956f75", + "source_records_hash": "55c938a85db15750833ccb4c6a13c77bdad9b3d24c05918d862e3dfc82edd959", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-d1f32ecc684abb23b65c7fe2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/contador", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "contador", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "contadorNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.contador.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ec77e95bf1ad11b479d02f28aa3afedb155f91d565338de5c9ce6773c451551b", + "source_records_hash": "d1f32ecc684abb23b65c7fe283efce04b6d59d6d70e15aa1b6d6cc2109a2bbdf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/contador exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-18c94b5f29de327e629c21ce", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/financeiro", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "financeiroNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.financeiro.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "27f862c72e14bda30a5e30b5e96ae13913c475faacd65f3041a7b4dc08cf12eb", + "source_records_hash": "18c94b5f29de327e629c21ce1c510d33322c79b308ca139051d4fca3ff39c0f0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8e4052839a650c99fcc2187e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/financeiro", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "financeiroNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.financeiro.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "933ffc7072a9756d84154f1825f6b206c012428f474bcc8939fa9f3b396cafd1", + "source_records_hash": "8e4052839a650c99fcc2187e4485cec66b8e7c268b296005b65954f388fe74f0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-be83c5c80dbb2c026792cf1a", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/financeiro", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "financeiroNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.financeiro.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "29ac7ac984a517e801c9e7afd9c01a789a45ef5385e6d79a71fe8d0fd8242b51", + "source_records_hash": "be83c5c80dbb2c026792cf1a50e8e3431ad3f2a0500f23782c43605f92662955", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-56cbc34e03b46b259dd0de39", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/financeiro", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "financeiroNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.financeiro.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "459351675b91165a124be73f3c15950742f4100a88ccbd47eb19be07d72bf76b", + "source_records_hash": "56cbc34e03b46b259dd0de391987336979b6f433eb00049189ef84bf99a3bbcf", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-aa312b7fdb4f61a721109348", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/financeiro", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "financeiro", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "financeiroNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.financeiro.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f6de98b49b13cc8dc36719d93cb0cd3e18e5cbc79fc01744428ae33c0d36f417", + "source_records_hash": "aa312b7fdb4f61a7211093483d15a46ef03fdb0a4fd662778c8e827ed08edf6c", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/financeiro exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-cc84c3fb5335f4070d2fa10e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/gestor_operacional", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "gestor_operacionalNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.gestor_operacional.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "1ce39eff5fb7cbc1a4b28395d4548a209f0188a14b9291348b287b63bde3b942", + "source_records_hash": "cc84c3fb5335f4070d2fa10e61542604d9cb69f8722e9db762e20acf941f3372", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-74683ce1c0cbdaed0b805006", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/gestor_operacional", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "gestor_operacionalNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.gestor_operacional.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e9eb372441c23d9d2652dbca4d804136d4c5667529d72094e962181c8890ce18", + "source_records_hash": "74683ce1c0cbdaed0b80500643ddd407df5bab7a74b3ea597c7b6c4ed3e3348f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7d29aab1b3777cc9c577b2c5", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/gestor_operacional", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "gestor_operacionalNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.gestor_operacional.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "05a2cfa3bcbeae38effd976f0fee66e0898b07f8198252ee198858eb1ab7c428", + "source_records_hash": "7d29aab1b3777cc9c577b2c57b8f176893904f7ebf8720093e1587732e1fcee6", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-340b6a63f57c2277eba5e047", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/gestor_operacional", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "gestor_operacionalNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.gestor_operacional.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "708fa674329dcaf630d1e38f276f3f218dd4406aeceeaa5f27c1ab4c471dc5d5", + "source_records_hash": "340b6a63f57c2277eba5e047690772de4d5d2d7928ace279b460c28639c265ad", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-74240ed62a3ca8782502f932", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/gestor_operacional", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "gestor_operacional", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "gestor_operacionalNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.gestor_operacional.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "d0960f7b5c2f45e0c4bc29bf487220c6d7359ef3adfe242af121b70e2ab11092", + "source_records_hash": "74240ed62a3ca8782502f93254848e81f40449fdea3a5e422b2d6a33b365bcfd", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/gestor_operacional exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8129871ba4ef409f63e9b9fb", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/juridico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "juridicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.juridico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "b8ae12354916f081c1781cafb8253434a8d4e33bfac4f3f2c1afb9fb9b1799ae", + "source_records_hash": "8129871ba4ef409f63e9b9fbb9769a3f4e7166d08323b6b5611e539fe792d98a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3e64a93015984ab6d7b65707", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/juridico", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "juridicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.juridico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "2eead33a2847a06e4b3bcccc53e52675ee481b994c5a9b093d909e74263b79fd", + "source_records_hash": "3e64a93015984ab6d7b6570748efcee1fedc9081701056c135e6d2d72204c654", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-5e4b967cef24189521a99479", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/juridico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "juridicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.juridico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "126d6adcffa49d4b55627f48198671a55c484db46a962dd8cebed5e3bc647026", + "source_records_hash": "5e4b967cef24189521a9947970a8fa84e4cd546a0857474b52d3611c6d9f33f5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ed46059201484eec2b66af89", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/juridico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "juridicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.juridico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3fea696a635a1cfe854fe17fc6b91cd906f2274e7c1b6d1fcae77e1ffacc3ac8", + "source_records_hash": "ed46059201484eec2b66af8986e528a01ea26ee9c9b2b4a80571c0b712bc2fb4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-73bbd570c956b75a7329622c", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/juridico", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "juridico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "juridicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.juridico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "3484f923cdfde312d5834a6a8163f1f0f336aa3ad666d0c5ffb8f6d264f07a45", + "source_records_hash": "73bbd570c956b75a7329622cbc3b10953546e3e60d1bd0759d7b11e91187bbd2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/juridico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-814dd6fdba41f6aba98ff723", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/planejamento_estrategico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "planejamento_estrategicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.planejamento_estrategico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "842013a76382755f9c9ad6e7e49d692eee06cad505b4bed8b029fe6b235964d9", + "source_records_hash": "814dd6fdba41f6aba98ff723b26306084f0502e64ac4cb5bd6cae02b14bff6c9", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-0647ffc4add4c70a99857095", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/planejamento_estrategico", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "planejamento_estrategicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.planejamento_estrategico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "96468215ea12da49ef4ad5cf4d4777e38df2ef5c7d20daa2f81902b657f383e9", + "source_records_hash": "0647ffc4add4c70a99857095e1f617e7a7d872aace1c44a0f7fd4f845d0c7556", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-6ea3b3649b195a309ad4795d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/planejamento_estrategico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "planejamento_estrategicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.planejamento_estrategico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "59ebee301dade1216e6119f03fa45caa0ee0864d25c0901dfd22fc8ddd228c4a", + "source_records_hash": "6ea3b3649b195a309ad4795de3a446706509983a0329593a48fb604da338d131", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8f7c3d093932b44b804b445e", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/planejamento_estrategico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "planejamento_estrategicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.planejamento_estrategico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "846daa529eac3b1a9a89a026380825980f73e0551603edb499c1942b8b04f776", + "source_records_hash": "8f7c3d093932b44b804b445e41ffeb58330b68c91f3d2d1374846892a4f119d1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-63f0909bc0360afca0d89749", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/planejamento_estrategico", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "planejamento_estrategico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "planejamento_estrategicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.planejamento_estrategico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "dcdc33316582a3d5e60d37bef73c6688f3be117db391f1d441d1882e01d0de42", + "source_records_hash": "63f0909bc0360afca0d897494bbdf5aceba17454313d56b65f03242b55f51f82", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/planejamento_estrategico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2abcc008916770d352204eac", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/secretaria", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "secretariaNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.secretaria.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "06b460986f6a97a743bae79687d4bfc6f2bdb658bd2777216496b885cf0a5c55", + "source_records_hash": "2abcc008916770d352204eac5fc609d895ea91f86a45a43a4e1ba87f7cba35c7", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-b6cb709468d0817ba96deeef", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/secretaria", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "secretariaNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.secretaria.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "ddbb95c1dc48fc4fcd7149666e26de6b2491e786c5986473180d1df5613269f7", + "source_records_hash": "b6cb709468d0817ba96deeef72970ea5d5ee9cc5a67b6b4c92d9f3d81d45098b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-96a3587a6ca73476a86db1d2", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/secretaria", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "secretariaNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.secretaria.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "8b6ef16e9d2d68544d0577fd226c7a87195820269b652ecf2c13575bf843b998", + "source_records_hash": "96a3587a6ca73476a86db1d2141aab3d611daf9511c9275aa05fb619a464c3ec", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-3a3cda0857ff19864a36f8cf", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/secretaria", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "secretariaNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.secretaria.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "00783576aad9bf206195c5e8647bff27029f51bb479b4838eb3c1545d6089d5d", + "source_records_hash": "3a3cda0857ff19864a36f8cfda41400169a53e448d8482b653aa3be6b0fbebb1", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8899a0db1d0e4d5e7e791716", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/secretaria", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "secretaria", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "secretariaNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.secretaria.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e565174f5ed445107e0d18daf414efd8743c144940764beefe855a0f488b2371", + "source_records_hash": "8899a0db1d0e4d5e7e791716d573aea76ac270a04139eaf0f32a463f09ae2ea2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/secretaria exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e34a5a50f2ebe419171cb8ba", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/suporte", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "suporteNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.suporte.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "aca4e83d3bb25e746d90187213fae4581a98fad8b1494aa22d14a83c7580da06", + "source_records_hash": "e34a5a50f2ebe419171cb8ba83c7e2764997ec599bcf6ad8a264423cd2b92cf0", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-93b6912f4f24a92f7eb4d27d", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/suporte", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "suporteNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.suporte.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f16a2e71b3b1005480a9b45def4686b621103419bc602aad784a45518cf10890", + "source_records_hash": "93b6912f4f24a92f7eb4d27d168a92320cc9114fb89584ef5ac14e8efcfacafb", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-2ed376cb48c0c125748bda52", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/suporte", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "suporteNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.suporte.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "a02744b522d99f03a55d21294a3f37094bca8bd9694c0a58445072ccdd7e313d", + "source_records_hash": "2ed376cb48c0c125748bda5206c7512dbf63bb57812dd53bd871da1368709e10", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-a4e9d55924e9e3df4286a819", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/suporte", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "suporteNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.suporte.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "15f13f6879b30479b617e20c8c02263961ee1846bfc1357f2dfcfaecd935b46e", + "source_records_hash": "a4e9d55924e9e3df4286a81938694b8174c4e3af06177cd6fd933af738394721", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-7c4b39205065ae95d4f163dc", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/suporte", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "suporte", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "suporteNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.suporte.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "de1b1d37faff4190395512230d9f20ee8474f220ec30d1e6d7f9d6d6cba29efa", + "source_records_hash": "7c4b39205065ae95d4f163dc091a1feb188892f2405d0ac7b1136926dffc9a7f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/suporte exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e600134592c2f32face15f51", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/tecnico", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "tecnicoNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.tecnico.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "6bf2c6c764b1d8fa2b11c035a916763caab7b97a1a207b4286369f7815f4d556", + "source_records_hash": "e600134592c2f32face15f51bb8488f44c278edf4eea7bc1ca868ad7e2557aef", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4068982ece0170e33eeecdb3", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/tecnico", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "tecnicoNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.tecnico.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "96838f28b0ade0e6214be68e08b9ee2db1c8058793d6277083eee4843a44f5e9", + "source_records_hash": "4068982ece0170e33eeecdb39e3aa0395df71e057ed24686228bf88701586054", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-4e811ecc28f7cb09c49ea6a0", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/tecnico", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "tecnicoNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.tecnico.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "e372f178a3b032e2cb5876ffa7ef6efaf772efbde34318ab68e80b2c71298cbb", + "source_records_hash": "4e811ecc28f7cb09c49ea6a064e79bbfd51d00321c4a68fa9429aeb3af37b9f5", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-1cc0f10c9393591218626cc6", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/tecnico", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "tecnicoNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.tecnico.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "f8afaf1bcb7c6e88a3112353b4f2b7819a533d1b3f2179fc7f866b39773a3cd2", + "source_records_hash": "1cc0f10c9393591218626cc67e3e48f9bc47191c9878ceb3dc61d67a498a986b", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-59939bb42b0dafc7b098f742", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/tecnico", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "tecnico", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "tecnicoNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.tecnico.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c89dcdb15d385fe854eb84a68275c8f470d006943de95e3478df86ca6b69538b", + "source_records_hash": "59939bb42b0dafc7b098f742f34945aa01a8410ba653e72694b9d6cad9df8f6a", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/tecnico exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-e03cf4676a6287cbbadcc159", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "acao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa acao para ui/usuario_final", + "permission_scope": "mcp.admin.action.request", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "action", + "acao", + "mcp.admin.action.request" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "usuario_finalNeed", + "acaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "acaoRoute", + "actionFamily", + "mcp_admin_action_request" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.usuario_final.acao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "93ff08a013f94a9523e53e469076f41cc39852322c0618ac4c8f8548f69aadc1", + "source_records_hash": "e03cf4676a6287cbbadcc159e332e100193d3e78074b1da2fed1eab67021155e", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.acao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa acao para ui/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8e5a532f1d450e52f2a59360", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "auditoria", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa auditoria para ui/usuario_final", + "permission_scope": "mcp.admin.audit", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "audit", + "auditoria", + "mcp.admin.audit" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "usuario_finalNeed", + "auditoriaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "auditoriaRoute", + "auditFamily", + "mcp_admin_audit" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.usuario_final.auditoria.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "146430b9dd61355a9d637e4c18e14db15aed816d3a8955a4235ff165acc99f70", + "source_records_hash": "8e5a532f1d450e52f2a59360a670b4edaacd1f32197d9f4b6da74c74c8f64492", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.auditoria", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa auditoria para ui/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-87defa2280db2d47d40728a1", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "consulta", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa consulta para ui/usuario_final", + "permission_scope": "mcp.admin.readonly", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "query", + "consulta", + "mcp.admin.readonly" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "usuario_finalNeed", + "consultaState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "consultaRoute", + "queryFamily", + "mcp_admin_readonly" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.usuario_final.consulta.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "54a3d145eb21b8964a120184850dc9cb2252173471171ad65e7db3725d645c3f", + "source_records_hash": "87defa2280db2d47d40728a1eb07c3c3bc25858ca3b0251763983fe96dff1db2", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.consulta", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa consulta para ui/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-ef8a5214b6a30fae2dd219eb", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "diagnostico", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa diagnostico para ui/usuario_final", + "permission_scope": "mcp.admin.diagnostic", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "diagnostic", + "diagnostico", + "mcp.admin.diagnostic" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "usuario_finalNeed", + "diagnosticoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "diagnosticoRoute", + "diagnosticFamily", + "mcp_admin_diagnostic" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.usuario_final.diagnostico.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "7c85a7b07b1f7f0025791d1dae8b06646957d05ca3bdd1ba63945dbbade35584", + "source_records_hash": "ef8a5214b6a30fae2dd219eb888676641b78890589d95142707d811266b852f4", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.diagnostico", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa diagnostico para ui/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + }, + { + "approval_required": true, + "blocker_reasons": [], + "dry_run_supported": true, + "evidence_id": "evidence-8b25f4dc32339b235d9c5c80", + "gpt_explainable": true, + "maturity_level": 9, + "operation": "explicacao", + "order_ids": [ + "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", + "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", + "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" + ], + "panel_ready": true, + "pending_if_missing": "homologar rota administrativa explicacao para ui/usuario_final", + "permission_scope": "mcp.admin.explain", + "platform_id": "ui", + "policy_tags": [ + "administration_route", + "mcp_only", + "explanation", + "explicacao", + "mcp.admin.explain" + ], + "profile_id": "usuario_final", + "redaction_requirements": [ + "bloquear valores cfat_ brutos em qualquer artefato humano", + "permitir apenas credentialRef, tokenRef ou secretRef opacos", + "mascarar Authorization Bearer antes de persistir evidencia", + "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", + "vincular redaction ao provider ui via MCP", + "bloquear administracao direta fora do MCPs Internos", + "persistir apenas hashes e referencias opacas de credencial" + ], + "required_payload_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp", + "projectId", + "platformId", + "profileId", + "surfaceId", + "category", + "sourceEndpoint", + "sourceToolId", + "sourcePayloadHash", + "sourceRecordsHash", + "truthState", + "panelReady", + "gptExplainable", + "humanNextAction", + "uiStatus", + "usuario_finalNeed", + "explicacaoState", + "experienceGate", + "adminRouteId", + "adminRouteKind", + "controlPlaneId", + "ownerPlatformId", + "targetPlatformId", + "routeFamily", + "permissionScope", + "executionMode", + "capabilityId", + "capabilityVersion", + "policyDecision", + "policyReason", + "inputSchemaHash", + "outputSchemaHash", + "operatorIntent", + "approvalRequired", + "dryRunSupported", + "rollbackSupported", + "humanExplanation", + "auditRetentionPolicy", + "mcpOnlyAdministration", + "directPlatformBypassBlocked", + "explicacaoRoute", + "explanationFamily", + "mcp_admin_explain" + ], + "required_transit_fields": [ + "origin", + "destination", + "tool", + "payload", + "actor", + "permission", + "result", + "traceId", + "auditId", + "timestamp" + ], + "route_id": "ui.usuario_final.explicacao.administration-route", + "same_source": true, + "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", + "source_payload_hash": "c79d14d7b20fcda4582c9c722cb07bc6839e7604cc07ac1a62869a2b3204e314", + "source_records_hash": "8b25f4dc32339b235d9c5c805dc8eb08cbe3f4bfe45a0ff991274879da29e12f", + "source_tool_id": "mais_humana.mcp_transit.ledger", + "status": "ready", + "tool_id": "mais_humana.admin.explicacao", + "truth_state": "same_source_ready", + "validation_steps": [ + "executar rota administrativa explicacao para ui/usuario_final exclusivamente pelo MCPs Internos", + "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", + "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", + "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", + "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", + "gerar humanExplanation para auditoria da IA administradora" + ] + } + ], + "sample_limit": 1000, + "status": "blocked", + "summary": { + "blocked_cases": 65, + "blockers": [ + "customer_ops.administrador_empresa.acao.administration-route:maturity_below_8", + "customer_ops.administrador_empresa.auditoria.administration-route:maturity_below_8", + "customer_ops.administrador_empresa.consulta.administration-route:maturity_below_8", + "customer_ops.administrador_empresa.diagnostico.administration-route:maturity_below_8", + "customer_ops.administrador_empresa.explicacao.administration-route:maturity_below_8", + "customer_ops.atendimento_cliente.acao.administration-route:maturity_below_8", + "customer_ops.atendimento_cliente.auditoria.administration-route:maturity_below_8", + "customer_ops.atendimento_cliente.consulta.administration-route:maturity_below_8", + "customer_ops.atendimento_cliente.diagnostico.administration-route:maturity_below_8", + "customer_ops.atendimento_cliente.explicacao.administration-route:maturity_below_8", + "customer_ops.ceo.acao.administration-route:maturity_below_8", + "customer_ops.ceo.auditoria.administration-route:maturity_below_8", + "customer_ops.ceo.consulta.administration-route:maturity_below_8", + "customer_ops.ceo.diagnostico.administration-route:maturity_below_8", + "customer_ops.ceo.explicacao.administration-route:maturity_below_8", + "customer_ops.cliente_externo.acao.administration-route:maturity_below_8", + "customer_ops.cliente_externo.auditoria.administration-route:maturity_below_8", + "customer_ops.cliente_externo.consulta.administration-route:maturity_below_8", + "customer_ops.cliente_externo.diagnostico.administration-route:maturity_below_8", + "customer_ops.cliente_externo.explicacao.administration-route:maturity_below_8", + "customer_ops.contador.acao.administration-route:maturity_below_8", + "customer_ops.contador.auditoria.administration-route:maturity_below_8", + "customer_ops.contador.consulta.administration-route:maturity_below_8", + "customer_ops.contador.diagnostico.administration-route:maturity_below_8", + "customer_ops.contador.explicacao.administration-route:maturity_below_8", + "customer_ops.financeiro.acao.administration-route:maturity_below_8", + "customer_ops.financeiro.auditoria.administration-route:maturity_below_8", + "customer_ops.financeiro.consulta.administration-route:maturity_below_8", + "customer_ops.financeiro.diagnostico.administration-route:maturity_below_8", + "customer_ops.financeiro.explicacao.administration-route:maturity_below_8", + "customer_ops.gestor_operacional.acao.administration-route:maturity_below_8", + "customer_ops.gestor_operacional.auditoria.administration-route:maturity_below_8", + "customer_ops.gestor_operacional.consulta.administration-route:maturity_below_8", + "customer_ops.gestor_operacional.diagnostico.administration-route:maturity_below_8", + "customer_ops.gestor_operacional.explicacao.administration-route:maturity_below_8", + "customer_ops.juridico.acao.administration-route:maturity_below_8", + "customer_ops.juridico.auditoria.administration-route:maturity_below_8", + "customer_ops.juridico.consulta.administration-route:maturity_below_8", + "customer_ops.juridico.diagnostico.administration-route:maturity_below_8", + "customer_ops.juridico.explicacao.administration-route:maturity_below_8", + "customer_ops.planejamento_estrategico.acao.administration-route:maturity_below_8", + "customer_ops.planejamento_estrategico.auditoria.administration-route:maturity_below_8", + "customer_ops.planejamento_estrategico.consulta.administration-route:maturity_below_8", + "customer_ops.planejamento_estrategico.diagnostico.administration-route:maturity_below_8", + "customer_ops.planejamento_estrategico.explicacao.administration-route:maturity_below_8", + "customer_ops.secretaria.acao.administration-route:maturity_below_8", + "customer_ops.secretaria.auditoria.administration-route:maturity_below_8", + "customer_ops.secretaria.consulta.administration-route:maturity_below_8", + "customer_ops.secretaria.diagnostico.administration-route:maturity_below_8", + "customer_ops.secretaria.explicacao.administration-route:maturity_below_8", + "customer_ops.suporte.acao.administration-route:maturity_below_8", + "customer_ops.suporte.auditoria.administration-route:maturity_below_8", + "customer_ops.suporte.consulta.administration-route:maturity_below_8", + "customer_ops.suporte.diagnostico.administration-route:maturity_below_8", + "customer_ops.suporte.explicacao.administration-route:maturity_below_8", + "customer_ops.tecnico.acao.administration-route:maturity_below_8", + "customer_ops.tecnico.auditoria.administration-route:maturity_below_8", + "customer_ops.tecnico.consulta.administration-route:maturity_below_8", + "customer_ops.tecnico.diagnostico.administration-route:maturity_below_8", + "customer_ops.tecnico.explicacao.administration-route:maturity_below_8", + "customer_ops.usuario_final.acao.administration-route:maturity_below_8", + "customer_ops.usuario_final.auditoria.administration-route:maturity_below_8", + "customer_ops.usuario_final.consulta.administration-route:maturity_below_8", + "customer_ops.usuario_final.diagnostico.administration-route:maturity_below_8", + "customer_ops.usuario_final.explicacao.administration-route:maturity_below_8", + "docs.administrador_empresa.acao.administration-route:maturity_below_8", + "docs.administrador_empresa.auditoria.administration-route:maturity_below_8", + "docs.administrador_empresa.consulta.administration-route:maturity_below_8", + "docs.administrador_empresa.diagnostico.administration-route:maturity_below_8", + "docs.administrador_empresa.explicacao.administration-route:maturity_below_8", + "docs.atendimento_cliente.acao.administration-route:maturity_below_8", + "docs.atendimento_cliente.auditoria.administration-route:maturity_below_8", + "docs.atendimento_cliente.consulta.administration-route:maturity_below_8", + "docs.atendimento_cliente.diagnostico.administration-route:maturity_below_8", + "docs.atendimento_cliente.explicacao.administration-route:maturity_below_8", + "docs.ceo.acao.administration-route:maturity_below_8", + "docs.ceo.auditoria.administration-route:maturity_below_8", + "docs.ceo.consulta.administration-route:maturity_below_8", + "docs.ceo.diagnostico.administration-route:maturity_below_8", + "docs.ceo.explicacao.administration-route:maturity_below_8" + ], + "control_plane_id": "tudo-para-ia-mcps-internos-plataform", + "evidence_id": "evidence-3e8315d3681d99686af5b998", + "generated_at": "2026-05-02T06:06:49+00:00", + "operations": { + "acao": 182, + "auditoria": 182, + "consulta": 182, + "diagnostico": 182, + "explicacao": 182 + }, + "partial_cases": 325, + "platforms": { + "business": 65, + "compliance": 65, + "customer_ops": 65, + "docs": 65, + "finance": 65, + "gettys": 65, + "identity": 65, + "integracoes": 65, + "intelligence": 65, + "mcps": 65, + "platform_base": 65, + "public": 65, + "stj": 65, + "ui": 65 + }, + "platforms_count": 14, + "profiles_count": 13, + "provider_id": "mais_humana", + "ready_cases": 520, + "source_hash": "f9844f598bfbfb968acea6465fc4b8f7a277b5b071003f3808d1581ce3112363", + "total_cases": 910 + } +} \ No newline at end of file diff --git a/dados/mcp-gateway-access-policy-central-write-status.json b/dados/mcp-gateway-access-policy-central-write-status.json index e8985b1..dd098a6 100644 --- a/dados/mcp-gateway-access-policy-central-write-status.json +++ b/dados/mcp-gateway-access-policy-central-write-status.json @@ -8,7 +8,7 @@ "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\MCP-GATEWAY-ACCESS-POLICY__RODADA015.md" } ], - "generatedAt": "2026-05-02T05:37:02+00:00", + "generatedAt": "2026-05-02T06:07:20+00:00", "ok": false, "policy": "falha de escrita central nao aborta artefatos do projeto real" } \ No newline at end of file diff --git a/dados/mcp-gateway-access-policy.json b/dados/mcp-gateway-access-policy.json index ffe70b0..0f68394 100644 --- a/dados/mcp-gateway-access-policy.json +++ b/dados/mcp-gateway-access-policy.json @@ -136,7 +136,7 @@ } ], "endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", - "generated_at": "2026-05-02T05:37:02+00:00", + "generated_at": "2026-05-02T06:07:20+00:00", "liveReady": true, "log_retention_days": 30, "policy_version": "mcp-gateway-access-policy.v1", @@ -150,7 +150,7 @@ "evidence_id": "evidence-a75a27e0669c49da1db8b615", "http_status": 200, "method": "POST", - "observed_at": "2026-05-02T05:36:45+00:00", + "observed_at": "2026-05-02T06:07:09+00:00", "ok": true, "request_hash": "3e1c8f057ac439f4b9b3eb7f8f5be9ac36323f08adc23db6fc7d51633076b79a", "response_excerpt": { @@ -186,7 +186,7 @@ "evidence_id": "evidence-af37a8d489b0038a7a6b5575", "http_status": 200, "method": "POST", - "observed_at": "2026-05-02T05:36:45+00:00", + "observed_at": "2026-05-02T06:07:10+00:00", "ok": true, "request_hash": "17e7d8039c8c34e3f570b6de8b386edc1cfd0c079084b0c7013016d2c76b388c", "response_excerpt": { @@ -222,7 +222,7 @@ "evidence_id": "evidence-3f0e3b9f829c7ff912b335d0", "http_status": 200, "method": "POST", - "observed_at": "2026-05-02T05:36:46+00:00", + "observed_at": "2026-05-02T06:07:10+00:00", "ok": true, "request_hash": "dae7d91a59e37901d50c027d3a0792f697902bd4289801edb2a508f3baf177fe", "response_excerpt": { @@ -251,7 +251,7 @@ } ], "rate_limit_per_minute": 30, - "report_id": "mcp-gateway-access-policy-4c43fecbfdf4364a", + "report_id": "mcp-gateway-access-policy-04b8ffe11da10aa6", "required_content_type": "application/json", "required_method": "POST", "required_user_agent": "Codex-Mais-Humana-MCP-Publication-Gate/1.0", diff --git a/dados/mcp-publication-gate-central-write-status.json b/dados/mcp-publication-gate-central-write-status.json index 6a5396e..dc213e9 100644 --- a/dados/mcp-publication-gate-central-write-status.json +++ b/dados/mcp-publication-gate-central-write-status.json @@ -8,7 +8,7 @@ "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\executivos\\MCP-PUBLICATION-GATE-MAIS-HUMANA__RODADA015.md" } ], - "generatedAt": "2026-05-02T05:36:46+00:00", + "generatedAt": "2026-05-02T06:07:10+00:00", "ok": false, "policy": "falha de escrita central nao aborta artefatos do projeto real" } \ No newline at end of file diff --git a/dados/mcp-publication-gate-mais-humana.json b/dados/mcp-publication-gate-mais-humana.json index 20efe91..d87fafd 100644 --- a/dados/mcp-publication-gate-mais-humana.json +++ b/dados/mcp-publication-gate-mais-humana.json @@ -17,7 +17,6 @@ "repo_remote": "https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git" }, "blockers": [ - "runner_node_esbuild_spawn_eperm", "wrangler_auth_not_confirmed", "canonical_name_requires_institutional_decision", "git_sync_blocked" @@ -53,7 +52,7 @@ ], "next_action": "corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo", "order_id": "0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais", - "reason": "fetch/push remoto falhou por SEC_E_NO_CREDENTIALS; repo real local 0/0 antes das mudancas; central divergente 5/10", + "reason": "fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura", "status": "blocked" }, { @@ -150,7 +149,7 @@ "mais_humana.mcp_transit.ledger" ] }, - "generated_at": "2026-05-02T05:36:46+00:00", + "generated_at": "2026-05-02T06:07:10+00:00", "liveReady": true, "live_probes": [ { @@ -159,7 +158,7 @@ "error_code": "", "evidence_id": "evidence-a75a27e0669c49da1db8b615", "http_status": 200, - "observed_at": "2026-05-02T05:36:45+00:00", + "observed_at": "2026-05-02T06:07:09+00:00", "ok": true, "response_excerpt": { "__truncated__": true, @@ -192,7 +191,7 @@ "error_code": "", "evidence_id": "evidence-af37a8d489b0038a7a6b5575", "http_status": 200, - "observed_at": "2026-05-02T05:36:45+00:00", + "observed_at": "2026-05-02T06:07:10+00:00", "ok": true, "response_excerpt": { "__truncated__": true, @@ -225,7 +224,7 @@ "error_code": "", "evidence_id": "evidence-3f0e3b9f829c7ff912b335d0", "http_status": 200, - "observed_at": "2026-05-02T05:36:46+00:00", + "observed_at": "2026-05-02T06:07:10+00:00", "ok": true, "response_excerpt": { "__truncated__": true, @@ -255,7 +254,7 @@ ], "localReady": true, "provider_id": "mais_humana", - "report_id": "mcp-publication-gate-2026-05-02t0536460000", + "report_id": "mcp-publication-gate-2026-05-02t0607100000", "status": "partial", "summary": [ "Provider local Mais Humana pronto: True.", @@ -270,16 +269,15 @@ "attempted": true, "authenticated": false, "blockers": [ - "runner_node_esbuild_spawn_eperm", "wrangler_auth_not_confirmed" ], "command_status": { - "wrangler_deploy_dry_run": "blocked_spawn_eperm", - "wrangler_version": "blocked", - "wrangler_whoami": "blocked" + "wrangler_deploy_dry_run": "not_confirmed", + "wrangler_version": "unknown", + "wrangler_whoami": "unknown" }, "deploy_dry_run_ok": false, - "raw_summary": "wrangler spawn EPERM before whoami/deployments; Node.js v24.13.0; operational check blocked in this runner", + "raw_summary": "deploy manual informado pelo roteador; wrangler local nao utilizado nesta etapa; conferir live por HTTP", "version": "" } } \ No newline at end of file diff --git a/dados/targeted-sync-audit-central-write-status.json b/dados/targeted-sync-audit-central-write-status.json index f7fe6bf..d40af8d 100644 --- a/dados/targeted-sync-audit-central-write-status.json +++ b/dados/targeted-sync-audit-central-write-status.json @@ -5,6 +5,6 @@ "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\EXECUTADO__targeted-sync-audit.md" } ], - "generatedAt": "2026-05-02T05:50:23+00:00", + "generatedAt": "2026-05-02T06:07:41+00:00", "ok": false } \ No newline at end of file diff --git a/dados/targeted-sync-audit.json b/dados/targeted-sync-audit.json index 69e6885..a7c5003 100644 --- a/dados/targeted-sync-audit.json +++ b/dados/targeted-sync-audit.json @@ -5,7 +5,7 @@ "nucleo-central:git_acl_or_lock_blocked" ], "fetch": true, - "generated_at": "2026-05-02T05:50:23+00:00", + "generated_at": "2026-05-02T06:07:41+00:00", "observations": [ { "ahead": 0, @@ -20,12 +20,12 @@ "fetch_attempted": true, "fetch_exit": 255, "fetch_output": "error: cannot open '.git/FETCH_HEAD': Permission denied", - "head": "6b0442f1d01f280e35c8e2711a3695701e77d540", + "head": "4a168272e6a3d5903264c83bffb8f30d9b35552c", "is_git": true, "origin": "https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git", - "short_head": "6b0442f1d01f", + "short_head": "4a168272e6a3", "status": "acl_blocked", - "status_short": "## main\n M dados/mcp-admin-ui-same-source-validation.json\n M dados/mcp-contratos-humanos.json\n M dados/mcp-execute-probe-mais-humana.json\n M dados/mcp-provider-mais-humana-compacto.json\n M dados/mcp-provider-mais-humana.json\n M dados/mcp-transit-ledger-compacto.json\n M dados/mcp-transit-ledger.json\n M dados/workspace-hygiene-central-write-status.json\n M dados/workspace-hygiene-report.json\n M ecossistema/MCP-EXECUTE-PROBE-MAIS-HUMANA.md\n M ecossistema/MCP-PROVIDER-MAIS-HUMANA.md\n M ecossistema/MCP-TRANSIT-LEDGER.md\n M ecossistema/WORKSPACE-HYGIENE-REPORT.md\n M matrizes/mcp-contratos-humanos.csv\n M matrizes/mcp-transit-ledger.csv\n M matrizes/workspace-hygiene-targets.csv\n?? dados/mcp-administration-routes-readiness.json\n?? ecossistema/MCP-ADMINISTRATION-ROUTES.md", + "status_short": "## main\n M dados/mcp-gateway-access-policy-central-write-status.json\n M dados/mcp-gateway-access-policy.json\n M dados/mcp-publication-gate-central-write-status.json\n M dados/mcp-publication-gate-mais-humana.json\n M ecossistema/MCP-GATEWAY-ACCESS-POLICY.md\n M ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md\n M matrizes/mcp-publication-gate-decisions.csv\n M src/mais_humana/cli.py\n?? dados/mcp-admin-route-acceptance-central-write-status.json\n?? dados/mcp-admin-route-acceptance-compacto.json\n?? dados/mcp-admin-route-acceptance.json\n?? ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md\n?? matrizes/mcp-admin-route-acceptance.csv\n?? src/mais_humana/central_materialization.py\n?? src/mais_humana/generated_mcp_admin_route_acceptance.py\n?? tests/test_central_materialization.py\n?? tests/test_mcp_admin_route_acceptance.py", "target": { "expected_remote": "https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git", "path": "G:\\_codex-git\\tudo-para-ia-mais-humana", @@ -41,7 +41,7 @@ ], "branch": "main", "decision": "corrigir ACL/locks de .git antes de qualquer merge/push", - "dirty": false, + "dirty": true, "exists": true, "fetch_attempted": true, "fetch_exit": 255, @@ -51,7 +51,7 @@ "origin": "https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git", "short_head": "372018a349e8", "status": "acl_blocked", - "status_short": "## main...origin/main", + "status_short": "## main...origin/main\n M apps/tudo-para-ia-mcps-central/src/registry/stj.ts\n M deploy/mcps-gateway/src/stj/tooling.ts\n M tests/platform/mcps-gateway-stj-round015-transit.test.ts", "target": { "expected_remote": "https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git", "path": "G:\\_codex-git\\tudo-para-ia-mcps-internos-plataform", @@ -72,12 +72,12 @@ "fetch_attempted": true, "fetch_exit": 255, "fetch_output": "error: cannot open '.git/FETCH_HEAD': Permission denied", - "head": "983cd12f103b45db72ee708961ebdd93bf809099", + "head": "c4f03f2006a3c99c293bc1094e3d9e78c6ed5fc6", "is_git": true, "origin": "https://git.ami.app.br/admin/nucleo-gestao-operacional.git", - "short_head": "983cd12f103b", + "short_head": "c4f03f2006a3", "status": "acl_blocked", - "status_short": "## main...origin/main [ahead 11, behind 5]\n M central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0059_EXECUTIVA__executar-deploy-docs-central-em-host-com-esbuild-spawn-liberado.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0060_EXECUTIVA__registrar-docs-ecosystem-workspace-inventory-no-mcps-internos.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0061_EXECUTIVA__rodar-smoke-remoto-docs-ecosystem-workspace-inventory-pos-deploy.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0062_EXECUTIVA__publicar-evidence-pack-workspace-inventory-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0063_EXECUTIVA__reconciliar-commit-push-docs-e-central-com-gitea-liberado.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0074_EXECUTIVA__executar-deploy-docs-documentation-quality-gates-em-worker.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0075_EXECUTIVA__registrar-docs-ecosystem-documentation-quality-gates-no-mcps-internos.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0076_EXECUTIVA__rodar-smoke-remoto-quality-gates-pos-deploy-e-registro.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0077_EXECUTIVA__publicar-evidence-pack-quality-gates-em-destino-institucional.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0078_EXECUTIVA__reconciliar-push-docs-e-central-quality-gates.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0056_GERENCIAL__homologar-workspace-inventory-como-fonte-de-verdade-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0057_GERENCIAL__formalizar-docs-only-inventory-sem-alterar-outras-plataformas.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0058_GERENCIAL__homologar-runner-wrangler-esbuild-e-remote-smoke-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0059_GERENCIAL__governar-ciclo-de-registro-mcp-docs-ecosystem-tools.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0060_GERENCIAL__governar-divergencia-git-central-e-mudancas-concorrentes.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0071_GERENCIAL__homologar-quality-gates-documentais-como-release-gate-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0072_GERENCIAL__governar-fila-release-blocked-documental.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0073_GERENCIAL__pactuar-promocao-docs-ecosystem-tools-response-ready-no-mcp.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0074_GERENCIAL__homologar-cadencia-deploy-manual-docs-quality-gates.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0075_GERENCIAL__governar-artefatos-typescript-gerados-quality-gates.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/active-order.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/indexes/orders-index.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/indexes/reports-index.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/active-order-queue.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/indexes/orders-index.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/indexes/reports-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/audit-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/pending-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/000_sincronizacao-dos-espelhos.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/RESOLUCAO-DE-BLOQUEIOS-GIT-GITEA-WINDOWS-E-LINUX.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/SINCRONIZACAO-MANUAL-DE-REPOSITORIO.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/coletar-sincronizacao-espelhos.ps1\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/sincronizar-repositorios-gitea-windows.ps1\n M roteador-de-ordens-de-servico/000-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/001-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/002-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/003-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/004-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/005-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/006-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/007-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/008-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/009-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/010-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/011-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/012-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/013-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/014-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/015-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/RELATORIO-RODADA__2026-05-02__business-round009.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/RELATORIO-RODADA__2026-05-02__router001-business-mcps-readiness.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/executivas/EXECUCAO-ORDENS-0066-A-0070__20260501_2045.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/executivas/EXECUCAO-ORDENS-0066-A-0070__20260501_2232.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__2026-05-02__round009-2332.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__2026-05-02__router001-business-mcps-readiness.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__20260501_2045.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__20260501_2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/RELATORIO-RODADA__2026-05-02__compliance-round009.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/RELATORIO-RODADA__2026-05-02__router001-compliance-live-assurance.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/executivas/EXECUTADO-RODADA__2026-05-01__round007-2045.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/executivas/EXECUTADO-RODADA__2026-05-01__round008-2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-01__round007-2045.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-01__round008-2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-02__round009-2332.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-02__router001-compliance-live-assurance.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0059_EXECUTIVA__executar-deploy-docs-central-em-host-com-esbuild-spawn-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0060_EXECUTIVA__registrar-docs-ecosystem-workspace-inventory-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0061_EXECUTIVA__rodar-smoke-remoto-docs-ecosystem-workspace-inventory-pos-deploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0062_EXECUTIVA__publicar-evidence-pack-workspace-inventory-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0063_EXECUTIVA__reconciliar-commit-push-docs-e-central-com-gitea-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0064_EXECUTIVA__executar-deploy-docs-control-plane-registry-com-wrangler.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0065_EXECUTIVA__registrar-docs-ecosystem-control-plane-registry-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0066_EXECUTIVA__rodar-smoke-remoto-control-plane-registry-pos-deploy-e-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0067_EXECUTIVA__publicar-evidence-pack-control-plane-registry-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0068_EXECUTIVA__reconciliar-push-docs-e-central-com-gitea-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0074_EXECUTIVA__executar-deploy-docs-documentation-quality-gates-em-worker.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0075_EXECUTIVA__registrar-docs-ecosystem-documentation-quality-gates-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0076_EXECUTIVA__rodar-smoke-remoto-quality-gates-pos-deploy-e-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0077_EXECUTIVA__publicar-evidence-pack-quality-gates-em-destino-institucional.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0078_EXECUTIVA__reconciliar-push-docs-e-central-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0056_GERENCIAL__homologar-workspace-inventory-como-fonte-de-verdade-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0057_GERENCIAL__formalizar-docs-only-inventory-sem-alterar-outras-plataformas.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0058_GERENCIAL__homologar-runner-wrangler-esbuild-e-remote-smoke-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0059_GERENCIAL__governar-ciclo-de-registro-mcp-docs-ecosystem-tools.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0060_GERENCIAL__governar-divergencia-git-central-e-mudancas-concorrentes.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0061_GERENCIAL__homologar-control-plane-registry-como-fonte-de-verdade-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0062_GERENCIAL__definir-owners-e-aceite-dos-status-pending-mcp-registration.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0063_GERENCIAL__homologar-politica-docs-only-para-inventario-e-control-plane.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0064_GERENCIAL__governar-runner-wrangler-esbuild-sem-spawn-eperm.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0065_GERENCIAL__governar-sync-central-divergente-com-staging-por-plataforma.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0071_GERENCIAL__homologar-quality-gates-documentais-como-release-gate-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0072_GERENCIAL__governar-fila-release-blocked-documental.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0073_GERENCIAL__pactuar-promocao-docs-ecosystem-tools-response-ready-no-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0074_GERENCIAL__homologar-cadencia-deploy-manual-docs-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0075_GERENCIAL__governar-artefatos-typescript-gerados-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0079_EXECUTIVA__registrar-pacote-docs-ecosystem-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0080_EXECUTIVA__rodar-smoke-mcp-quality-gates-pos-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0081_EXECUTIVA__publicar-evidence-pack-quality-gates-com-readback.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0082_EXECUTIVA__regularizar-git-docs-central-fetch-head-e-push.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0083_EXECUTIVA__promover-quality-gates-para-ui-admin-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0084_EXECUTIVA__deploy-final-atoms-docs-truth-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0076_GERENCIAL__definir-owners-releaseblocked-por-plataforma.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0077_GERENCIAL__homologar-catalogonly-vs-responseready-docs-ecosystem.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0078_GERENCIAL__aprovar-destino-institucional-evidence-packs-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0079_GERENCIAL__formalizar-cadencia-deploy-manual-wrangler-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0080_GERENCIAL__governar-sync-central-com-artefatos-gerados.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0081_GERENCIAL__homologar-runner-deploy-atoms-regenerados-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0059-A-0063__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0064-A-0068__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0074-A-0078__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-RODADA__20260501_docs-customer-ops-mcps-reconciliacao.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260501_docs-customer-ops-mcps-reconciliacao.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-01_205530_FINANCE-52-MCP-CENTRAL.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_FINANCE-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_FINANCE-MCPS-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0038_EXECUTIVA__publicar_finance_worker_contrato_56_tools_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0039_EXECUTIVA__revalidar_finance_mcp_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0040_EXECUTIVA__homologar_live_business_integracoes_finance_sem_simulation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0041_EXECUTIVA__promover_contrato_finance_56_tools_para_ui_docs.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0042_EXECUTIVA__coletar_aceite_customerops_finance_monitor_replay.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0038_GERENCIAL__governar_transicao_finance_52_54_para_56_tools.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0039_GERENCIAL__formalizar_estado_control_plane_simulated_finance.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0040_GERENCIAL__aprovar_gate_live_business_integracoes_finance.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0041_GERENCIAL__governar_aceite_ui_docs_finance_por_source_hash.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0042_GERENCIAL__definir_sla_venda_controlada_finance_pos_live.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-01_205530_GETTYS-61-MCP-CENTRAL.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_GETTYS-MCP-CENTRAL-SAMESOURCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_GETTYS-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/reports-index.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0056_EXECUTIVA__publicar_gettys_mcp_remote_validation_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0057_EXECUTIVA__revalidar_gettys_health_openapi_mcp_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0058_EXECUTIVA__confirmar_admin_status_gettys_com_chave_e_readback.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0059_EXECUTIVA__promover_gettys_remote_validation_para_ui_docs_customerops.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0060_EXECUTIVA__coletar_aceite_gettys_por_source_hash_remoto.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0051_GERENCIAL__governar_estado_gettys_worker_ok_mcp_simulated.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0052_GERENCIAL__aprovar_gate_gettys_openapi_v05_remote_validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0053_GERENCIAL__formalizar_cadencia_evidencias_live_gettys.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0054_GERENCIAL__governar_aceite_ui_docs_customerops_gettys_por_hash.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0055_GERENCIAL__alinhar_gettys_na_matriz_router007_cross_platform.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-EXECUTIVA-GETTYS__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-EXECUTIVA-GETTYS__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/PENDENCIAS-CODEX__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/PENDENCIAS-CODEX__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-01-IDENTITY-MCPS-WRANGLER.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-02-IDENTITY-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-02-IDENTITY-MCPS-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0071_EXECUTIVA__publicar_rota_identity_mcp_remote_validation_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0072_EXECUTIVA__configurar_segredo_upstream_identity_access_assurance_no_mcp.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0073_EXECUTIVA__revalidar_gateway_mcp_identity_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0074_EXECUTIVA__gerar_readback_d1_identity_remote_validation_access_assurance.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0075_EXECUTIVA__coletar_aceite_consumidores_identity_por_source_hash_remoto.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0066_GERENCIAL__governar_estado_publicado_parcial_identity_mcp.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0067_GERENCIAL__aprovar_rotacao_segredo_identity_mcp_access_assurance.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0068_GERENCIAL__formalizar_gate_hash_remoto_identity_para_ui_docs_customerops.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0069_GERENCIAL__governar_matriz_router007_identity_finance_gettys.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0070_GERENCIAL__definir_sla_readback_d1_identity_pos_deploy.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/execucoes/EXECUCAO-2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/execucoes/EXECUCAO-2026-05-02-ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/current/STATUS-RODADA__2026-05-01_205530_FINANCE-GETTYS-CONTRATOS.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0086_EXECUTIVA__promover-gateway-acceptance-docs-ci-com-hash-e-artifacts.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0087_EXECUTIVA__executar-browser-validation-em-runner-homologado-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0088_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-health-readback.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0089_EXECUTIVA__ativar-resolver-credentialref-readonly-institucional.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0090_EXECUTIVA__reconciliar-git-fetch-head-acl-e-push-loteado.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0091_EXECUTIVA__rodar-suite-mcps-internos-full-com-runtime-fixo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0092_EXECUTIVA__promover-gateway-acceptance-docs-ci-com-artifact-externo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0093_EXECUTIVA__executar-browser-validation-host-homologado-com-screenshots-reais.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0094_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-readback-live.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0095_EXECUTIVA__ativar-resolver-credentialref-readonly-sem-segredo-bruto.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0096_EXECUTIVA__reconciliar-git-fetch-head-schannel-acl-e-push-central.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0097_EXECUTIVA__homologar-mcps-gateway-bearer-externo-sem-skip.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0098_EXECUTIVA__executar-browser-validation-runner-com-spawn-permitido.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0099_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-readback.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0100_EXECUTIVA__ativar-credentialref-resolver-readonly-vivo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0101_EXECUTIVA__regularizar-git-fetch-push-schannel-e-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0081_GERENCIAL__aprovar-gateway-acceptance-docs-ci-como-gate.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0082_GERENCIAL__homologar-runner-browser-sem-eperm-para-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0083_GERENCIAL__aprovar-janela-rollback-pages-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0084_GERENCIAL__governar-resolver-credentialref-institucional.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0085_GERENCIAL__governar-acl-fetch-head-e-sync-loteado.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0086_GERENCIAL__homologar-runtime-ts-fixo-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0087_GERENCIAL__aprovar-gateway-acceptance-docs-ci-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0088_GERENCIAL__homologar-runner-browser-ui-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0089_GERENCIAL__aprovar-politica-rollback-pages-ui-com-owner.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0090_GERENCIAL__governar-resolver-credentialref-readonly-sem-segredo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0091_GERENCIAL__governar-sync-git-schannel-acl-e-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0092_GERENCIAL__governar-gateway-bearer-docs-ci-retencao-externa.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0093_GERENCIAL__homologar-ambiente-browser-sem-eperm-para-release-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0094_GERENCIAL__aprovar-politica-rollback-pages-e-janela-de-reversao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0095_GERENCIAL__governar-credentialref-readonly-institucional-sem-segredo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0096_GERENCIAL__governar-sincronizacao-git-segura-e-credenciais-remotas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0102_EXECUTIVA__executar-browser-validation-runner-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0103_EXECUTIVA__aprovar-e-ensaiar-rollback-pages-com-owner.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0104_EXECUTIVA__ativar-provider-credentialref-readonly-vivo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0105_EXECUTIVA__regularizar-git-schannel-fetch-push-central.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0106_EXECUTIVA__reter-gateway-evidence-live-no-docs-ci-com-hash.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0097_GERENCIAL__homologar-bearer-runtime-mcps-gateway-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0098_GERENCIAL__homologar-runner-browser-oficial-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0099_GERENCIAL__aprovar-politica-rollback-pages-e-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0100_GERENCIAL__pactuar-provider-credentialref-readonly-identity-integracoes.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0101_GERENCIAL__governar-sincronizacao-git-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/deploy-plataformas/\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__EVIDENCIA__2026-05-01_163249.json\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__EXECUTADO__2026-05-01_163249.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__PENDENCIAS-CODEX__2026-05-01_163249.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__EVIDENCIA__2026-05-01_181729.json\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__EXECUTADO__2026-05-01_181729.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__PENDENCIAS-CODEX__2026-05-01_181729.md\n?? central-de-ordem-de-servico/reports/sync-audit/\n?? roteador-de-ordens-de-servico/outros/", + "status_short": "## main...origin/main [ahead 11, behind 5]\n M central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0059_EXECUTIVA__executar-deploy-docs-central-em-host-com-esbuild-spawn-liberado.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0060_EXECUTIVA__registrar-docs-ecosystem-workspace-inventory-no-mcps-internos.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0061_EXECUTIVA__rodar-smoke-remoto-docs-ecosystem-workspace-inventory-pos-deploy.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0062_EXECUTIVA__publicar-evidence-pack-workspace-inventory-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0063_EXECUTIVA__reconciliar-commit-push-docs-e-central-com-gitea-liberado.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0074_EXECUTIVA__executar-deploy-docs-documentation-quality-gates-em-worker.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0075_EXECUTIVA__registrar-docs-ecosystem-documentation-quality-gates-no-mcps-internos.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0076_EXECUTIVA__rodar-smoke-remoto-quality-gates-pos-deploy-e-registro.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0077_EXECUTIVA__publicar-evidence-pack-quality-gates-em-destino-institucional.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0078_EXECUTIVA__reconciliar-push-docs-e-central-quality-gates.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0056_GERENCIAL__homologar-workspace-inventory-como-fonte-de-verdade-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0057_GERENCIAL__formalizar-docs-only-inventory-sem-alterar-outras-plataformas.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0058_GERENCIAL__homologar-runner-wrangler-esbuild-e-remote-smoke-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0059_GERENCIAL__governar-ciclo-de-registro-mcp-docs-ecosystem-tools.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0060_GERENCIAL__governar-divergencia-git-central-e-mudancas-concorrentes.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0071_GERENCIAL__homologar-quality-gates-documentais-como-release-gate-docs.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0072_GERENCIAL__governar-fila-release-blocked-documental.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0073_GERENCIAL__pactuar-promocao-docs-ecosystem-tools-response-ready-no-mcp.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0074_GERENCIAL__homologar-cadencia-deploy-manual-docs-quality-gates.md\n D central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0075_GERENCIAL__governar-artefatos-typescript-gerados-quality-gates.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/active-order.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/indexes/orders-index.md\n M central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/indexes/reports-index.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/active-order-queue.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/indexes/orders-index.md\n M central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/indexes/reports-index.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/current/active-order-queue.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/current/active-order.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/indexes/audit-index.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/indexes/pending-index.md\n M central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0073_EXECUTIVA__validar-transit-proof-ledger-live-pos-deploy-manual.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0074_EXECUTIVA__executar-smoke-gpt-painel-auditoria-em-worker-publicado.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0075_EXECUTIVA__restaurar-biblioteca-privada-para-suite-service-binding.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0076_EXECUTIVA__sincronizar-repo-central-e-remotos-com-schanel-credenciais-validas.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0077_EXECUTIVA__reconciliar-deltas-concorrentes-do-gateway-mcps.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0068_GERENCIAL__homologar-ledger-same-source-como-gate-vivo.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0069_GERENCIAL__instituir-politica-de-deploy-manual-e-evidencia-pos-deploy.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0070_GERENCIAL__governar-biblioteca-privada-como-dependencia-de-suite.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0071_GERENCIAL__normalizar-sync-git-schanel-e-autosync.md\n D central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0072_GERENCIAL__governar-deltas-concorrentes-do-control-plane-mcps.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/current/active-order-queue.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/current/active-order.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/current/current-project-state.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/indexes/audit-index.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/indexes/pending-index.md\n M central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0057_EXECUTIVA__homologar-primeiro-consumidor-do-ledger-mcp.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0058_EXECUTIVA__executar-smoke-same-source-em-business-identity-docs-integracoes-ui.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0059_EXECUTIVA__publicar-relatorios-mcp-transit-consumer-publications-nos-consumidores.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0060_EXECUTIVA__sincronizar-platform-base-remoto-com-credenciais-validas.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0061_EXECUTIVA__regenerar-artifacts-pos-consumidor-homologado.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0052_GERENCIAL__homologar-ledger-consumer-publications-como-fonte-canonica.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0053_GERENCIAL__aprovar-gate-same-source-cross-platform.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0054_GERENCIAL__governar-rollout-de-consumidores-mcp.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0055_GERENCIAL__normatizar-sync-schanel-platform-base.md\n D central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0056_GERENCIAL__governar-producao-gerada-e-limite-de-codigo-util.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/controle-semantico.sqlite\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/audit-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/ordens-executivas-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/ordens-gerenciais-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/pending-index.md\n M central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/reports-index.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n D central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n M central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/current/active-order-queue.md\n M central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/current/current-project-state.md\n M central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/status/overview.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/000_sincronizacao-dos-espelhos.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/RESOLUCAO-DE-BLOQUEIOS-GIT-GITEA-WINDOWS-E-LINUX.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/SINCRONIZACAO-MANUAL-DE-REPOSITORIO.md\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/coletar-sincronizacao-espelhos.ps1\n M central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/sincronizar-repositorios-gitea-windows.ps1\n M roteador-de-ordens-de-servico/000-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/001-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/002-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/003-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/004-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/005-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/006-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/007-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/008-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/009-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/010-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/011-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n D roteador-de-ordens-de-servico/012-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/013-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/014-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n M roteador-de-ordens-de-servico/015-ROTEADOR-PERMANENTE-DE-ORDEM_DE_SERVICO.MD\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/RELATORIO-RODADA__2026-05-02__business-round009.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/RELATORIO-RODADA__2026-05-02__router001-business-mcps-readiness.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/executivas/EXECUCAO-ORDENS-0066-A-0070__20260501_2045.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/reports/executivas/EXECUCAO-ORDENS-0066-A-0070__20260501_2232.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__2026-05-02__round009-2332.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__2026-05-02__router001-business-mcps-readiness.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__20260501_2045.md\n?? central-de-ordem-de-servico/projects/01_repo_tudo-para-ia-business-platform/status/STATUS-RODADA__20260501_2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/orders/executivas/0032_EXECUTIVA__publicar-compliance-round007-assurance-no-mcp-gateway-live.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/orders/gerenciais/0026_GERENCIAL__governar-deploy-manual-mcp-gateway-compliance-round007.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/RELATORIO-RODADA__2026-05-02__compliance-round009.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/RELATORIO-RODADA__2026-05-02__router001-compliance-live-assurance.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/executivas/EXECUTADO-RODADA__2026-05-01__round007-2045.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/reports/executivas/EXECUTADO-RODADA__2026-05-01__round008-2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-01__round007-2045.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-01__round008-2232.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-02__round009-2332.md\n?? central-de-ordem-de-servico/projects/02_repo_tudo-para-ia-compliance-platform/status/STATUS-RODADA__2026-05-02__router001-compliance-live-assurance.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/audit/ordens-executadas/AUDITORIA-GPT__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0059_EXECUTIVA__executar-deploy-docs-central-em-host-com-esbuild-spawn-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0060_EXECUTIVA__registrar-docs-ecosystem-workspace-inventory-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0061_EXECUTIVA__rodar-smoke-remoto-docs-ecosystem-workspace-inventory-pos-deploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0062_EXECUTIVA__publicar-evidence-pack-workspace-inventory-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0063_EXECUTIVA__reconciliar-commit-push-docs-e-central-com-gitea-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0064_EXECUTIVA__executar-deploy-docs-control-plane-registry-com-wrangler.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0065_EXECUTIVA__registrar-docs-ecosystem-control-plane-registry-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0066_EXECUTIVA__rodar-smoke-remoto-control-plane-registry-pos-deploy-e-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0067_EXECUTIVA__publicar-evidence-pack-control-plane-registry-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0068_EXECUTIVA__reconciliar-push-docs-e-central-com-gitea-liberado.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0074_EXECUTIVA__executar-deploy-docs-documentation-quality-gates-em-worker.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0075_EXECUTIVA__registrar-docs-ecosystem-documentation-quality-gates-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0076_EXECUTIVA__rodar-smoke-remoto-quality-gates-pos-deploy-e-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0077_EXECUTIVA__publicar-evidence-pack-quality-gates-em-destino-institucional.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/executivas/0078_EXECUTIVA__reconciliar-push-docs-e-central-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0056_GERENCIAL__homologar-workspace-inventory-como-fonte-de-verdade-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0057_GERENCIAL__formalizar-docs-only-inventory-sem-alterar-outras-plataformas.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0058_GERENCIAL__homologar-runner-wrangler-esbuild-e-remote-smoke-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0059_GERENCIAL__governar-ciclo-de-registro-mcp-docs-ecosystem-tools.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0060_GERENCIAL__governar-divergencia-git-central-e-mudancas-concorrentes.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0061_GERENCIAL__homologar-control-plane-registry-como-fonte-de-verdade-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0062_GERENCIAL__definir-owners-e-aceite-dos-status-pending-mcp-registration.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0063_GERENCIAL__homologar-politica-docs-only-para-inventario-e-control-plane.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0064_GERENCIAL__governar-runner-wrangler-esbuild-sem-spawn-eperm.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0065_GERENCIAL__governar-sync-central-divergente-com-staging-por-plataforma.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0071_GERENCIAL__homologar-quality-gates-documentais-como-release-gate-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0072_GERENCIAL__governar-fila-release-blocked-documental.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0073_GERENCIAL__pactuar-promocao-docs-ecosystem-tools-response-ready-no-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0074_GERENCIAL__homologar-cadencia-deploy-manual-docs-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executadas/gerenciais/0075_GERENCIAL__governar-artefatos-typescript-gerados-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0079_EXECUTIVA__registrar-pacote-docs-ecosystem-no-mcps-internos.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0080_EXECUTIVA__rodar-smoke-mcp-quality-gates-pos-registro.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0081_EXECUTIVA__publicar-evidence-pack-quality-gates-com-readback.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0082_EXECUTIVA__regularizar-git-docs-central-fetch-head-e-push.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0083_EXECUTIVA__promover-quality-gates-para-ui-admin-mcp.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/executivas/0084_EXECUTIVA__deploy-final-atoms-docs-truth-quality-gates.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0076_GERENCIAL__definir-owners-releaseblocked-por-plataforma.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0077_GERENCIAL__homologar-catalogonly-vs-responseready-docs-ecosystem.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0078_GERENCIAL__aprovar-destino-institucional-evidence-packs-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0079_GERENCIAL__formalizar-cadencia-deploy-manual-wrangler-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0080_GERENCIAL__governar-sync-central-com-artefatos-gerados.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/orders/gerenciais/0081_GERENCIAL__homologar-runner-deploy-atoms-regenerados-docs.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0059-A-0063__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0064-A-0068__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-ORDENS-0074-A-0078__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/EXECUCAO-RODADA__20260501_docs-customer-ops-mcps-reconciliacao.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/executivas/PENDENCIAS-CODEX__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/reports/gerenciais/EXECUCAO-GERENCIAL-CONSOLIDADA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260501_docs-customer-ops-mcps-reconciliacao.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_control-plane-registry.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_documentation-truth.md\n?? central-de-ordem-de-servico/projects/04_repo_tudo-para-ia-docs-plataform/status/STATUS-RODADA__20260502_quality-gates-postdeploy.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-01_205530_FINANCE-52-MCP-CENTRAL.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_FINANCE-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_FINANCE-MCPS-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0038_EXECUTIVA__publicar_finance_worker_contrato_56_tools_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0039_EXECUTIVA__revalidar_finance_mcp_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0040_EXECUTIVA__homologar_live_business_integracoes_finance_sem_simulation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0041_EXECUTIVA__promover_contrato_finance_56_tools_para_ui_docs.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/executivas/0042_EXECUTIVA__coletar_aceite_customerops_finance_monitor_replay.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0038_GERENCIAL__governar_transicao_finance_52_54_para_56_tools.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0039_GERENCIAL__formalizar_estado_control_plane_simulated_finance.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0040_GERENCIAL__aprovar_gate_live_business_integracoes_finance.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0041_GERENCIAL__governar_aceite_ui_docs_finance_por_source_hash.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/orders/gerenciais/0042_GERENCIAL__definir_sla_venda_controlada_finance_pos_live.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/executivas/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/05_repo_tudo-para-ia-finance-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-01_205530_GETTYS-61-MCP-CENTRAL.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_GETTYS-MCP-CENTRAL-SAMESOURCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_GETTYS-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/indexes/reports-index.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0056_EXECUTIVA__publicar_gettys_mcp_remote_validation_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0057_EXECUTIVA__revalidar_gettys_health_openapi_mcp_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0058_EXECUTIVA__confirmar_admin_status_gettys_com_chave_e_readback.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0059_EXECUTIVA__promover_gettys_remote_validation_para_ui_docs_customerops.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/executivas/0060_EXECUTIVA__coletar_aceite_gettys_por_source_hash_remoto.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0051_GERENCIAL__governar_estado_gettys_worker_ok_mcp_simulated.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0052_GERENCIAL__aprovar_gate_gettys_openapi_v05_remote_validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0053_GERENCIAL__formalizar_cadencia_evidencias_live_gettys.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0054_GERENCIAL__governar_aceite_ui_docs_customerops_gettys_por_hash.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/orders/gerenciais/0055_GERENCIAL__alinhar_gettys_na_matriz_router007_cross_platform.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-EXECUTIVA-GETTYS__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-EXECUTIVA-GETTYS__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/PENDENCIAS-CODEX__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/PENDENCIAS-CODEX__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02_router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/06_repo_tudo-para-ia-gettys-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02_router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/audit/AUDITORIA-CODEX__2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-01-IDENTITY-MCPS-WRANGLER.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-02-IDENTITY-MCPS-LIVE-REVALIDACAO-2.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-2026-05-02-IDENTITY-MCPS-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/current/STATUS-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0071_EXECUTIVA__publicar_rota_identity_mcp_remote_validation_pos_deploy_manual.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0072_EXECUTIVA__configurar_segredo_upstream_identity_access_assurance_no_mcp.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0073_EXECUTIVA__revalidar_gateway_mcp_identity_remote_validation_live.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0074_EXECUTIVA__gerar_readback_d1_identity_remote_validation_access_assurance.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/executivas/0075_EXECUTIVA__coletar_aceite_consumidores_identity_por_source_hash_remoto.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0066_GERENCIAL__governar_estado_publicado_parcial_identity_mcp.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0067_GERENCIAL__aprovar_rotacao_segredo_identity_mcp_access_assurance.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0068_GERENCIAL__formalizar_gate_hash_remoto_identity_para_ui_docs_customerops.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0069_GERENCIAL__governar_matriz_router007_identity_finance_gettys.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/orders/gerenciais/0070_GERENCIAL__definir_sla_readback_d1_identity_pos_deploy.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/EXECUCAO-RODADA__2026-05-02_ROUTER007-MCP-TRANSIT-ASSURANCE.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/PENDENCIAS-CODEX__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/execucoes/EXECUCAO-2026-05-02-ROUTER007-MCP-CODE-PLAN-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/execucoes/EXECUCAO-2026-05-02-ROUTER007-MCP-REMOTE-VALIDATION.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-code-plan-validation.md\n?? central-de-ordem-de-servico/projects/07_repo_tudo-para-ia-identity-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__2026-05-02-router007-mcp-remote-validation.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/audit/AUDITORIA-RODADA-2026-05-02-CONSUMER-PUBLICATION-GATE.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/current/STATUS-RODADA__2026-05-01_205530_FINANCE-GETTYS-CONTRATOS.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/executivas/0073_EXECUTIVA__validar-transit-proof-ledger-live-pos-deploy-manual.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/executivas/0074_EXECUTIVA__executar-smoke-gpt-painel-auditoria-em-worker-publicado.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/executivas/0075_EXECUTIVA__restaurar-biblioteca-privada-para-suite-service-binding.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/executivas/0076_EXECUTIVA__sincronizar-repo-central-e-remotos-com-schanel-credenciais-validas.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/executivas/0077_EXECUTIVA__reconciliar-deltas-concorrentes-do-gateway-mcps.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/gerenciais/0068_GERENCIAL__homologar-ledger-same-source-como-gate-vivo.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/gerenciais/0069_GERENCIAL__instituir-politica-de-deploy-manual-e-evidencia-pos-deploy.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/gerenciais/0070_GERENCIAL__governar-biblioteca-privada-como-dependencia-de-suite.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/gerenciais/0071_GERENCIAL__normalizar-sync-git-schanel-e-autosync.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executadas/gerenciais/0072_GERENCIAL__governar-deltas-concorrentes-do-control-plane-mcps.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0078_EXECUTIVA__executar-deploy-wrangler-consumer-publication-gateway.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0079_EXECUTIVA__validar-consumer-publication-live-pos-deploy.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0080_EXECUTIVA__publicar-evidence-pack-consumer-publication-para-platform-base.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0081_EXECUTIVA__regularizar-git-acl-schannel-mcps-e-central.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/executivas/0082_EXECUTIVA__restaurar-biblioteca-privada-service-binding-mcps.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0073_GERENCIAL__homologar-consumer-publication-como-contrato-vivo.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0074_GERENCIAL__governar-deploy-manual-wrangler-e-evidencia-pos-deploy.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0075_GERENCIAL__pactuar-retencao-de-evidence-packs-mcp-transit.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0076_GERENCIAL__regularizar-credenciais-git-acl-e-schanel.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/orders/gerenciais/0077_GERENCIAL__definir-owner-biblioteca-privada-service-binding.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/reports/PENDENCIAS-REAIS-RODADA-0073-0077__2026-05-02-CONSUMER-PUBLICATION-GATE.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/reports/executivas/RELATORIO-EXECUCAO-0073-A-0077__2026-05-02-CONSUMER-PUBLICATION-GATE.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/reports/gerenciais/AVALIACAO-GERENCIAL-0068-A-0072__2026-05-02-CONSUMER-PUBLICATION-GATE.md\n?? central-de-ordem-de-servico/projects/10_repo_tudo-para-ia-mcps-internos-plataform/status/STATUS-RODADA-0073-0077-2026-05-02-CONSUMER-PUBLICATION-GATE.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/audit/EXECUTADAS-2026-05-02-LIVE-CONSUMER-SMOKES.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/executivas/0057_EXECUTIVA__homologar-primeiro-consumidor-do-ledger-mcp.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/executivas/0058_EXECUTIVA__executar-smoke-same-source-em-business-identity-docs-integracoes-ui.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/executivas/0059_EXECUTIVA__publicar-relatorios-mcp-transit-consumer-publications-nos-consumidores.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/executivas/0060_EXECUTIVA__sincronizar-platform-base-remoto-com-credenciais-validas.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/executivas/0061_EXECUTIVA__regenerar-artifacts-pos-consumidor-homologado.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/gerenciais/0052_GERENCIAL__homologar-ledger-consumer-publications-como-fonte-canonica.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/gerenciais/0053_GERENCIAL__aprovar-gate-same-source-cross-platform.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/gerenciais/0054_GERENCIAL__governar-rollout-de-consumidores-mcp.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/gerenciais/0055_GERENCIAL__normatizar-sync-schanel-platform-base.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executadas/gerenciais/0056_GERENCIAL__governar-producao-gerada-e-limite-de-codigo-util.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0062_EXECUTIVA__publicar-evidence-packs-nos-repos-consumidores.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0063_EXECUTIVA__regularizar-acl-git-platform-base-e-validar-commit-manual.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0064_EXECUTIVA__sincronizar-platform-base-remoto-com-schanel-corrigido.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0065_EXECUTIVA__regenerar-bundle-apos-consumer-publication-live-do-gateway.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/executivas/0066_EXECUTIVA__reconciliar-central-suja-sem-perder-mudancas-alheias.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0057_GERENCIAL__homologar-evidence-packs-live-como-gate-cross-platform.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0058_GERENCIAL__governar-publicacao-nos-consumidores-sem-copia-divergente.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0059_GERENCIAL__regularizar-politica-git-acl-schanel-platform-base.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0060_GERENCIAL__pactuar-regeneracao-pos-deploy-consumer-publication.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/orders/gerenciais/0061_GERENCIAL__governar-limite-de-codigo-util-versus-artifacts-gerados.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/reports/PENDENCIAS-CODEX__2026-05-02-LIVE-CONSUMER-SMOKES.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/reports/executivas/RELATORIO-EXECUCAO-0057-A-0061__2026-05-02-LIVE-CONSUMER-SMOKES.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/reports/gerenciais/AVALIACAO-GERENCIAL-0052-A-0056__2026-05-02-LIVE-CONSUMER-SMOKES.md\n?? central-de-ordem-de-servico/projects/11_repo_tudo-para-ia-platform-base/status/STATUS-RODADA__2026-05-02-LIVE-CONSUMER-SMOKES.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0097_GERENCIAL__homologar-bearer-runtime-mcps-gateway-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0098_GERENCIAL__homologar-runner-browser-oficial-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0099_GERENCIAL__aprovar-politica-rollback-pages-e-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0100_GERENCIAL__pactuar-provider-credentialref-readonly-identity-integracoes.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0101_GERENCIAL__governar-sincronizacao-git-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0102_EXECUTIVA__executar-browser-validation-runner-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0103_EXECUTIVA__aprovar-e-ensaiar-rollback-pages-com-owner.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0104_EXECUTIVA__ativar-provider-credentialref-readonly-vivo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0105_EXECUTIVA__regularizar-git-schannel-fetch-push-central.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/0106_EXECUTIVA__reter-gateway-evidence-live-no-docs-ci-com-hash.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/audit/ordens-executadas/AUDITORIA-GPT__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/indexes/INDEX__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0080_EXECUTIVA__publicar-mcp-transit-gateway-acceptance-no-gateway-docs-ci.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0081_EXECUTIVA__rodar-browser-validation-host-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0082_EXECUTIVA__executar-rollback-pages-com-janela-aprovada.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0083_EXECUTIVA__conectar-resolver-credentialref-institucional-admin-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0084_EXECUTIVA__sincronizar-git-ui-mcps-central-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0085_EXECUTIVA__corrigir-quatro-bloqueios-restantes-da-suite-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0086_EXECUTIVA__promover-gateway-acceptance-docs-ci-com-hash-e-artifacts.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0087_EXECUTIVA__executar-browser-validation-em-runner-homologado-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0088_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-health-readback.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0089_EXECUTIVA__ativar-resolver-credentialref-readonly-institucional.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0090_EXECUTIVA__reconciliar-git-fetch-head-acl-e-push-loteado.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0091_EXECUTIVA__rodar-suite-mcps-internos-full-com-runtime-fixo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0092_EXECUTIVA__promover-gateway-acceptance-docs-ci-com-artifact-externo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0093_EXECUTIVA__executar-browser-validation-host-homologado-com-screenshots-reais.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0094_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-readback-live.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0095_EXECUTIVA__ativar-resolver-credentialref-readonly-sem-segredo-bruto.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0096_EXECUTIVA__reconciliar-git-fetch-head-schannel-acl-e-push-central.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0097_EXECUTIVA__homologar-mcps-gateway-bearer-externo-sem-skip.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0098_EXECUTIVA__executar-browser-validation-runner-com-spawn-permitido.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0099_EXECUTIVA__ensaiar-rollback-pages-com-owner-e-readback.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0100_EXECUTIVA__ativar-credentialref-resolver-readonly-vivo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0101_EXECUTIVA__regularizar-git-fetch-push-schannel-e-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0102_EXECUTIVA__executar-browser-validation-runner-homologado-com-screenshots.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0103_EXECUTIVA__aprovar-e-ensaiar-rollback-pages-com-owner.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0104_EXECUTIVA__ativar-provider-credentialref-readonly-vivo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0105_EXECUTIVA__regularizar-git-schannel-fetch-push-central.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/executivas/0106_EXECUTIVA__reter-gateway-evidence-live-no-docs-ci-com-hash.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0075_GERENCIAL__aprovar-mcp-transit-gateway-acceptance-como-contrato.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0076_GERENCIAL__homologar-runner-visual-browser-para-ui-platform.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0077_GERENCIAL__aprovar-politica-rollback-pages-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0078_GERENCIAL__governar-resolver-credentialref-admin-ui-com-security.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0079_GERENCIAL__governar-sincronizacao-git-com-credenciais-e-loteamento.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0080_GERENCIAL__homologar-runtime-ts-mcps-internos-e-dependencias-cruzadas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0081_GERENCIAL__aprovar-gateway-acceptance-docs-ci-como-gate.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0082_GERENCIAL__homologar-runner-browser-sem-eperm-para-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0083_GERENCIAL__aprovar-janela-rollback-pages-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0084_GERENCIAL__governar-resolver-credentialref-institucional.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0085_GERENCIAL__governar-acl-fetch-head-e-sync-loteado.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0086_GERENCIAL__homologar-runtime-ts-fixo-mcps-internos.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0087_GERENCIAL__aprovar-gateway-acceptance-docs-ci-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0088_GERENCIAL__homologar-runner-browser-ui-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0089_GERENCIAL__aprovar-politica-rollback-pages-ui-com-owner.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0090_GERENCIAL__governar-resolver-credentialref-readonly-sem-segredo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0091_GERENCIAL__governar-sync-git-schannel-acl-e-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0092_GERENCIAL__governar-gateway-bearer-docs-ci-retencao-externa.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0093_GERENCIAL__homologar-ambiente-browser-sem-eperm-para-release-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0094_GERENCIAL__aprovar-politica-rollback-pages-e-janela-de-reversao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0095_GERENCIAL__governar-credentialref-readonly-institucional-sem-segredo.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0096_GERENCIAL__governar-sincronizacao-git-segura-e-credenciais-remotas.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0097_GERENCIAL__homologar-bearer-runtime-mcps-gateway-com-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0098_GERENCIAL__homologar-runner-browser-oficial-sem-eperm.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0099_GERENCIAL__aprovar-politica-rollback-pages-e-retencao.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0100_GERENCIAL__pactuar-provider-credentialref-readonly-identity-integracoes.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executadas/gerenciais/0101_GERENCIAL__governar-sincronizacao-git-central-divergente.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0107_EXECUTIVA__executar-browser-validation-em-runner-sem-eperm-com-round029-tools.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0108_EXECUTIVA__homologar-retencao-docs-ci-gateway-evidence-round029-com-readback.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0109_EXECUTIVA__ativar-provider-credentialref-readonly-com-resolver-institucional.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0110_EXECUTIVA__executar-rehearsal-rollback-pages-com-owner-e-janela-aprovados.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/executivas/0111_EXECUTIVA__regularizar-git-schannel-central-divergente-e-push-escopo-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0102_GERENCIAL__homologar-round029-como-contrato-mcp-ready-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0103_GERENCIAL__aprovar-politica-retencao-docs-ci-para-evidencias-gateway.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0104_GERENCIAL__homologar-runner-browser-oficial-com-evidencia-visual-ui.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0105_GERENCIAL__pactuar-provider-credentialref-readonly-identity-integracoes-security.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/orders/gerenciais/0106_GERENCIAL__governar-sincronizacao-central-divergente-com-loteamento-por-plataforma.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/EXECUTADO__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/executivos/PENDENCIAS-CODEX__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND024__20260501_212632.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND025__20260502_013957.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND026__20260502_034800.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND027__20260502_002442.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND028__20260502_054500.md\n?? central-de-ordem-de-servico/projects/14_repo_tudo-para-ia-ui-platform/status/STATUS-RODADA__ROUND029__20260502_030034.md\n?? central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/audit/AUDITORIA-GPT__rodada-015-mcp-admin-routes-2026-05-02.md\n?? central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/indexes/INDEX__RODADA015__20260502T0555Z.md\n?? central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/reports/EXECUTADO__rodada-015-mcp-admin-routes-2026-05-02.md\n?? central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/reports/PENDENCIAS-CODEX__rodada-015-mcp-admin-routes-2026-05-02.md\n?? central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform/reports/gerenciais/AVALIACAO-GERENCIAL-DA-PLATAFORMA__20260502T0555Z.md\n?? central-de-ordem-de-servico/projects/deploy-plataformas/\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__EVIDENCIA__2026-05-01_163249.json\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__EXECUTADO__2026-05-01_163249.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-CORRECAO-INTEGRAL-GIT-GITEA-LOCKS-DISCO-E-SINCRONIZACAO__PENDENCIAS-CODEX__2026-05-01_163249.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__EVIDENCIA__2026-05-01_181729.json\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__EXECUTADO__2026-05-01_181729.md\n?? central-de-ordem-de-servico/projects/sincronizacao-de-repositorios/reports/CODEX-INTEGRACOES-CONSOLIDAR-UMA-PASTA-E-MAPEAR-REMOTE__PENDENCIAS-CODEX__2026-05-01_181729.md\n?? central-de-ordem-de-servico/reports/sync-audit/\n?? roteador-de-ordens-de-servico/outros/", "target": { "expected_remote": "https://git.ami.app.br/admin/nucleo-gestao-operacional.git", "path": "G:\\_codex-git\\nucleo-gestao-operacional", @@ -86,7 +86,7 @@ } } ], - "report_id": "targeted-sync-audit-240594061246", + "report_id": "targeted-sync-audit-198691462817", "status": "diverged", "summary": [ "Repositories observed: 3.", diff --git a/dados/workspace-hygiene-central-write-status.json b/dados/workspace-hygiene-central-write-status.json index db47bbe..41fae3c 100644 --- a/dados/workspace-hygiene-central-write-status.json +++ b/dados/workspace-hygiene-central-write-status.json @@ -6,6 +6,6 @@ "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\EXECUTADO__workspace-hygiene.md" } ], - "generatedAt": "2026-05-02T05:53:28+00:00", + "generatedAt": "2026-05-02T06:07:53+00:00", "ok": false } \ No newline at end of file diff --git a/dados/workspace-hygiene-report.json b/dados/workspace-hygiene-report.json index 93af77d..003f2ab 100644 --- a/dados/workspace-hygiene-report.json +++ b/dados/workspace-hygiene-report.json @@ -7,7 +7,7 @@ "error": "PermissionError: [WinError 5] Acesso negado: 'G:\\\\_codex-git\\\\tudo-para-ia-mais-humana\\\\.test-tmp\\\\tmpnk6r4sdb'", "footprint_after": { "byte_count": 0, - "child_count": 141, + "child_count": 149, "errors": [ "PermissionError: [WinError 5] Acesso negado: 'G:\\\\_codex-git\\\\tudo-para-ia-mais-humana\\\\.test-tmp\\\\tmpnk6r4sdb'", "PermissionError: [WinError 5] Acesso negado: 'G:\\\\_codex-git\\\\tudo-para-ia-mais-humana\\\\.test-tmp\\\\tmpu13bzfhr'" @@ -17,8 +17,8 @@ "is_file": false }, "footprint_before": { - "byte_count": 59624382, - "child_count": 1309, + "byte_count": 1275036, + "child_count": 363, "errors": [ "PermissionError: [WinError 5] Acesso negado: 'G:\\\\_codex-git\\\\tudo-para-ia-mais-humana\\\\.test-tmp\\\\tmpnk6r4sdb'", "PermissionError: [WinError 5] Acesso negado: 'G:\\\\_codex-git\\\\tudo-para-ia-mais-humana\\\\.test-tmp\\\\tmpu13bzfhr'" @@ -65,9 +65,9 @@ ], "central_platform_folder": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform", "clean": false, - "generated_at": "2026-05-02T05:53:28+00:00", + "generated_at": "2026-05-02T06:07:53+00:00", "project_root": "G:\\_codex-git\\tudo-para-ia-mais-humana", - "report_id": "workspace-hygiene-454852741717", + "report_id": "workspace-hygiene-710614943330", "status": "blocked", "summary": [ "Targets evaluated: 2.", diff --git a/ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md b/ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md new file mode 100644 index 0000000..ba8af6d --- /dev/null +++ b/ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md @@ -0,0 +1,520 @@ +# MCP Admin Route Acceptance + +- report_id: `mcp-admin-route-acceptance-b7dbd20012832055` +- generated_at: `2026-05-02T06:06:49+00:00` +- provider_id: `mais_humana` +- control_plane_id: `tudo-para-ia-mcps-internos-plataform` +- status: `blocked` +- source_hash: `f9844f598bfbfb968acea6465fc4b8f7a277b5b071003f3808d1581ce3112363` +- total_cases: `910` +- ready_cases: `520` +- partial_cases: `325` +- blocked_cases: `65` +- ready_ratio: `0.5714` +- evidence_id: `evidence-3e8315d3681d99686af5b998` + +## Operacoes + +- `acao`: `182` +- `auditoria`: `182` +- `consulta`: `182` +- `diagnostico`: `182` +- `explicacao`: `182` + +## Plataformas + +- `business`: `65` +- `compliance`: `65` +- `customer_ops`: `65` +- `docs`: `65` +- `finance`: `65` +- `gettys`: `65` +- `identity`: `65` +- `integracoes`: `65` +- `intelligence`: `65` +- `mcps`: `65` +- `platform_base`: `65` +- `public`: `65` +- `stj`: `65` +- `ui`: `65` + +## Amostra + +### business.administrador_empresa.acao.administration-route + +- route_key: `business/administrador_empresa/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-ad52ab3aec8c146ff3726b2d` +- source_payload_hash: `d082c395fdaf1f2b7f4477634fefea03d68c34daa50caffe9869d4f764ede499` +- source_records_hash: `ad52ab3aec8c146ff3726b2d3906e7a5c070939751f6dc09bd22113e142f679b` +- next_action: homologar rota administrativa acao para business/administrador_empresa + +### business.administrador_empresa.auditoria.administration-route + +- route_key: `business/administrador_empresa/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-10ecf5e6942e1370acc44c11` +- source_payload_hash: `f1d17c2b19d9d7bb48a99f9391cb7ac5b8acaa85685f52cb4942630f38f6d32b` +- source_records_hash: `10ecf5e6942e1370acc44c11aa79e655a5d324ea8e445a1a233fee9f676802e5` +- next_action: homologar rota administrativa auditoria para business/administrador_empresa + +### business.administrador_empresa.consulta.administration-route + +- route_key: `business/administrador_empresa/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-587d659a4c282c7715078021` +- source_payload_hash: `505b2b794fc430bbc76e80c11cb59f484d6c44f2f1331a74edaef872d15d4e38` +- source_records_hash: `587d659a4c282c7715078021a91d62105284097dade620bc969161477b89401b` +- next_action: homologar rota administrativa consulta para business/administrador_empresa + +### business.administrador_empresa.diagnostico.administration-route + +- route_key: `business/administrador_empresa/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-c7ded42ea265be003bb113b6` +- source_payload_hash: `3e6d2ec5d40f72aa001a6da61d26cdb3db6112a01dd2d4a567c6abce7f56fbdd` +- source_records_hash: `c7ded42ea265be003bb113b601771a1eb6f5fce906f2fe52923762812891a238` +- next_action: homologar rota administrativa diagnostico para business/administrador_empresa + +### business.administrador_empresa.explicacao.administration-route + +- route_key: `business/administrador_empresa/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-63d6d7de2ac68232ac3c862c` +- source_payload_hash: `051170ee6954b9e724eaae7fef4cb0bb8ed88d39c33dbfacc384c58ea0ff1f9a` +- source_records_hash: `63d6d7de2ac68232ac3c862ce9684c9d5ef7e2441f4f4b16ff2404ca344fa0cd` +- next_action: homologar rota administrativa explicacao para business/administrador_empresa + +### business.atendimento_cliente.acao.administration-route + +- route_key: `business/atendimento_cliente/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-7c7be84ac6782615dfeb38d9` +- source_payload_hash: `1299a53220e003a76a84268297f5a7228d02dce16a07ae3d39a77d0ffc89f1d6` +- source_records_hash: `7c7be84ac6782615dfeb38d9e02b86f0ad0deaf2363267c1194d21093dbed20f` +- next_action: homologar rota administrativa acao para business/atendimento_cliente + +### business.atendimento_cliente.auditoria.administration-route + +- route_key: `business/atendimento_cliente/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-4e8c564a2d995bc53735548e` +- source_payload_hash: `57beddad77228c21b6036b410547ade91a1057e7e891838a95863368941bf50a` +- source_records_hash: `4e8c564a2d995bc53735548efabfe94d75a5b51ba45c1ea1e13a44858fe03bf3` +- next_action: homologar rota administrativa auditoria para business/atendimento_cliente + +### business.atendimento_cliente.consulta.administration-route + +- route_key: `business/atendimento_cliente/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-7edecd401588f6ec8c809e03` +- source_payload_hash: `fc9ad6aadbd39a5aa8fb4444e49779f54202462e0d9b7c86e36edaf39383640d` +- source_records_hash: `7edecd401588f6ec8c809e03321d2da8922c5453f10737c591d1ab93b90ef7a8` +- next_action: homologar rota administrativa consulta para business/atendimento_cliente + +### business.atendimento_cliente.diagnostico.administration-route + +- route_key: `business/atendimento_cliente/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-0d6b7f9fd95b804d2c99c89d` +- source_payload_hash: `c6a4c1161a4ab3ddf0cdab419e336e869d4c3f598724e9fa6075c11563daee32` +- source_records_hash: `0d6b7f9fd95b804d2c99c89daf94687c8399c57f9da494fd711d39269d68c5a9` +- next_action: homologar rota administrativa diagnostico para business/atendimento_cliente + +### business.atendimento_cliente.explicacao.administration-route + +- route_key: `business/atendimento_cliente/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-8efd2d3db8c8e36d1737e931` +- source_payload_hash: `0bdee52d0d0fa434a2bd5c0cbd79521b962f3b1eaff978b92fa727107b6a108e` +- source_records_hash: `8efd2d3db8c8e36d1737e9314fec019577b0745cfb233c570d63e2858eb2e70f` +- next_action: homologar rota administrativa explicacao para business/atendimento_cliente + +### business.ceo.acao.administration-route + +- route_key: `business/ceo/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-8663f918eaf543ba853f6b17` +- source_payload_hash: `bd976d4fd2ff57008416461108920c388cea94b1fad993e1176a20097d00d59c` +- source_records_hash: `8663f918eaf543ba853f6b17f0e5f53f7f0873de4cdc3d32a18f6734fd71aa11` +- next_action: homologar rota administrativa acao para business/ceo + +### business.ceo.auditoria.administration-route + +- route_key: `business/ceo/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-8626f5e4b0fab4f7034f59d5` +- source_payload_hash: `0a7868bfb78b8f713f91492f7a35e282ad970ac87fab3f974b30559fa7920826` +- source_records_hash: `8626f5e4b0fab4f7034f59d586be22c3cb631c08f361f9083eb72c423f7ba05f` +- next_action: homologar rota administrativa auditoria para business/ceo + +### business.ceo.consulta.administration-route + +- route_key: `business/ceo/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-a1b5c73faabc9adb8acba4f6` +- source_payload_hash: `e4076ddc0cd4f5445f4a832bdb9b77833fe512f036470298afa797fba9a0fb04` +- source_records_hash: `a1b5c73faabc9adb8acba4f6a561d519eefe768a025223d7417f0a537819d53f` +- next_action: homologar rota administrativa consulta para business/ceo + +### business.ceo.diagnostico.administration-route + +- route_key: `business/ceo/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-97bf7c4fef545240d91a0d67` +- source_payload_hash: `3801b57510c00a1fce40adfc5b8aba77782931a56baae50f84ff3e95dc28ef10` +- source_records_hash: `97bf7c4fef545240d91a0d6794c9ca8989fce742216f4e8daa7f2394ae451a6a` +- next_action: homologar rota administrativa diagnostico para business/ceo + +### business.ceo.explicacao.administration-route + +- route_key: `business/ceo/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-4910d766c7e8e6539ed20de3` +- source_payload_hash: `677e2c9b2e1073a561244cb1452b056cb0c27aef03fc92b54e7efc4033de969e` +- source_records_hash: `4910d766c7e8e6539ed20de3ccc4d8fb629d43766d5a8873ae5926ea9840e161` +- next_action: homologar rota administrativa explicacao para business/ceo + +### business.cliente_externo.acao.administration-route + +- route_key: `business/cliente_externo/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-99b8fc9b9bb54a227950015d` +- source_payload_hash: `58d8e5ba1a5694d277ef196e48bc5bee57278b98eba53ee04a5fe88034705039` +- source_records_hash: `99b8fc9b9bb54a227950015d1c8ad52f9be0a93270a1029f2584c3c013dc9fac` +- next_action: homologar rota administrativa acao para business/cliente_externo + +### business.cliente_externo.auditoria.administration-route + +- route_key: `business/cliente_externo/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-432a6b6a41e60ad56931f6d8` +- source_payload_hash: `5b93e10b9bf98b0bd18a6478cf62fd3b812bca7176a6b46ab1a07fa546c3e15f` +- source_records_hash: `432a6b6a41e60ad56931f6d8e9fb78cd128d8a92807d6a13b4f2385fbc69a1f8` +- next_action: homologar rota administrativa auditoria para business/cliente_externo + +### business.cliente_externo.consulta.administration-route + +- route_key: `business/cliente_externo/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-dfbddc7a711dcfb103a8f023` +- source_payload_hash: `4a9fb634f6a22c6a0244b1af53e9073d3d0e16de68085e0856cca49d84535f30` +- source_records_hash: `dfbddc7a711dcfb103a8f023f9bb71bbde77529691b40420f2a60ac6a79e6daf` +- next_action: homologar rota administrativa consulta para business/cliente_externo + +### business.cliente_externo.diagnostico.administration-route + +- route_key: `business/cliente_externo/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-4ed9ff47ee3fd85464663f24` +- source_payload_hash: `4cc11e419ea2d351bf24969c0069e96e5148bd9cb3d3a7c22402a1fa96bc51a3` +- source_records_hash: `4ed9ff47ee3fd85464663f242a336dbf1bcc161e8bffd89146216ec6b905165a` +- next_action: homologar rota administrativa diagnostico para business/cliente_externo + +### business.cliente_externo.explicacao.administration-route + +- route_key: `business/cliente_externo/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-ed3386af31a57e0f1e8a85e1` +- source_payload_hash: `604dc75b46fbffb86e5dc75e35f1568765d4df639d8d2fe40c9ced7d260b81a9` +- source_records_hash: `ed3386af31a57e0f1e8a85e10e3050fe5a841734ca81d6de175576488f3130bf` +- next_action: homologar rota administrativa explicacao para business/cliente_externo + +### business.contador.acao.administration-route + +- route_key: `business/contador/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-3952a88a55a389ba02c94786` +- source_payload_hash: `697740da52ce2b2d2099c814cd0ee8327d2ee05c2efe4fe533c5989f8d42336c` +- source_records_hash: `3952a88a55a389ba02c94786f29715a10558b2abe2b7b0895a9da9b4147e9dc3` +- next_action: homologar rota administrativa acao para business/contador + +### business.contador.auditoria.administration-route + +- route_key: `business/contador/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-6551171148e282da243a88c9` +- source_payload_hash: `b181759443f41b750ca3fd10486d6cbf6fca84e03be9065784bd0faa77a477f7` +- source_records_hash: `6551171148e282da243a88c951c4f1d66078ecb2300e1c8bb352d428f593e833` +- next_action: homologar rota administrativa auditoria para business/contador + +### business.contador.consulta.administration-route + +- route_key: `business/contador/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-4854f96ae070f53c5b63c43b` +- source_payload_hash: `c677323d17cd37326c2234178b1f388211236ef398db2923a405642528fa5081` +- source_records_hash: `4854f96ae070f53c5b63c43b7f39746cb76122fb668238776e4ac1aa97f06f90` +- next_action: homologar rota administrativa consulta para business/contador + +### business.contador.diagnostico.administration-route + +- route_key: `business/contador/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-2cc3eeed20f5d3fc9be99343` +- source_payload_hash: `ab52203f77d128852c2737c5ba76cd6a7cf198037c138087de58be0707d87158` +- source_records_hash: `2cc3eeed20f5d3fc9be99343572adb4b81ef9398cc390649a63fb87d1ea38e50` +- next_action: homologar rota administrativa diagnostico para business/contador + +### business.contador.explicacao.administration-route + +- route_key: `business/contador/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-748749eeb561e01ef20005bb` +- source_payload_hash: `d2de3b3c80a999b0c23b9f9363bdbd4bce3eae2021f6277fbb589ebe46f07ae7` +- source_records_hash: `748749eeb561e01ef20005bbb8f5dddb0401bfd169b38d0fcd8cd79f1cbd1481` +- next_action: homologar rota administrativa explicacao para business/contador + +### business.financeiro.acao.administration-route + +- route_key: `business/financeiro/acao` +- tool_id: `mais_humana.admin.acao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.action.request` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-e51c9666ddd06faef25356ba` +- source_payload_hash: `9ded2208c5b89a90b5f852c853c4dfe050dc94b2ced5acdeb2575421f6542338` +- source_records_hash: `e51c9666ddd06faef25356baa2a8c4ed1e5ac463ec8477b08ccc55095d49e691` +- next_action: homologar rota administrativa acao para business/financeiro + +### business.financeiro.auditoria.administration-route + +- route_key: `business/financeiro/auditoria` +- tool_id: `mais_humana.admin.auditoria` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.audit` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-ccfd442014b522c5856ea9a8` +- source_payload_hash: `c1f723dba88341dd49d5cf1407b40a229a1b816c2934d28e13420e6947822883` +- source_records_hash: `ccfd442014b522c5856ea9a89e654639a4e3f68767557971a4c1c76f4906fe38` +- next_action: homologar rota administrativa auditoria para business/financeiro + +### business.financeiro.consulta.administration-route + +- route_key: `business/financeiro/consulta` +- tool_id: `mais_humana.admin.consulta` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.readonly` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-149d50ebaae9e2bae7355a28` +- source_payload_hash: `6b22bc7ac53a244090bbebe81dde295aa190863ea735111fa1ad3d7c326baa69` +- source_records_hash: `149d50ebaae9e2bae7355a2829485bc4fa962870a219ff89815c21a86da9ab16` +- next_action: homologar rota administrativa consulta para business/financeiro + +### business.financeiro.diagnostico.administration-route + +- route_key: `business/financeiro/diagnostico` +- tool_id: `mais_humana.admin.diagnostico` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.diagnostic` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-694117dd77a32806ecc05dce` +- source_payload_hash: `d83fc6883a3ace99ce943643c36d71f3d85da960334b5c938f703c961165c78c` +- source_records_hash: `694117dd77a32806ecc05dce5960efba850636030431335b560ad00c0f571505` +- next_action: homologar rota administrativa diagnostico para business/financeiro + +### business.financeiro.explicacao.administration-route + +- route_key: `business/financeiro/explicacao` +- tool_id: `mais_humana.admin.explicacao` +- source_tool_id: `mais_humana.mcp_transit.ledger` +- permission_scope: `mcp.admin.explain` +- same_source: `True` +- status: `ready` +- evidence_id: `evidence-fbd8f174adb84d168c76abc2` +- source_payload_hash: `273dca5b760363ef6e697dc9e2dd31151d2c51680b8abba03e2bdbe6d3031c02` +- source_records_hash: `fbd8f174adb84d168c76abc2de111d9c0acebbce815f045c7127d0d5da344f7d` +- next_action: homologar rota administrativa explicacao para business/financeiro + +## Bloqueios + +- `customer_ops.administrador_empresa.acao.administration-route:maturity_below_8` +- `customer_ops.administrador_empresa.auditoria.administration-route:maturity_below_8` +- `customer_ops.administrador_empresa.consulta.administration-route:maturity_below_8` +- `customer_ops.administrador_empresa.diagnostico.administration-route:maturity_below_8` +- `customer_ops.administrador_empresa.explicacao.administration-route:maturity_below_8` +- `customer_ops.atendimento_cliente.acao.administration-route:maturity_below_8` +- `customer_ops.atendimento_cliente.auditoria.administration-route:maturity_below_8` +- `customer_ops.atendimento_cliente.consulta.administration-route:maturity_below_8` +- `customer_ops.atendimento_cliente.diagnostico.administration-route:maturity_below_8` +- `customer_ops.atendimento_cliente.explicacao.administration-route:maturity_below_8` +- `customer_ops.ceo.acao.administration-route:maturity_below_8` +- `customer_ops.ceo.auditoria.administration-route:maturity_below_8` +- `customer_ops.ceo.consulta.administration-route:maturity_below_8` +- `customer_ops.ceo.diagnostico.administration-route:maturity_below_8` +- `customer_ops.ceo.explicacao.administration-route:maturity_below_8` +- `customer_ops.cliente_externo.acao.administration-route:maturity_below_8` +- `customer_ops.cliente_externo.auditoria.administration-route:maturity_below_8` +- `customer_ops.cliente_externo.consulta.administration-route:maturity_below_8` +- `customer_ops.cliente_externo.diagnostico.administration-route:maturity_below_8` +- `customer_ops.cliente_externo.explicacao.administration-route:maturity_below_8` +- `customer_ops.contador.acao.administration-route:maturity_below_8` +- `customer_ops.contador.auditoria.administration-route:maturity_below_8` +- `customer_ops.contador.consulta.administration-route:maturity_below_8` +- `customer_ops.contador.diagnostico.administration-route:maturity_below_8` +- `customer_ops.contador.explicacao.administration-route:maturity_below_8` +- `customer_ops.financeiro.acao.administration-route:maturity_below_8` +- `customer_ops.financeiro.auditoria.administration-route:maturity_below_8` +- `customer_ops.financeiro.consulta.administration-route:maturity_below_8` +- `customer_ops.financeiro.diagnostico.administration-route:maturity_below_8` +- `customer_ops.financeiro.explicacao.administration-route:maturity_below_8` +- `customer_ops.gestor_operacional.acao.administration-route:maturity_below_8` +- `customer_ops.gestor_operacional.auditoria.administration-route:maturity_below_8` +- `customer_ops.gestor_operacional.consulta.administration-route:maturity_below_8` +- `customer_ops.gestor_operacional.diagnostico.administration-route:maturity_below_8` +- `customer_ops.gestor_operacional.explicacao.administration-route:maturity_below_8` +- `customer_ops.juridico.acao.administration-route:maturity_below_8` +- `customer_ops.juridico.auditoria.administration-route:maturity_below_8` +- `customer_ops.juridico.consulta.administration-route:maturity_below_8` +- `customer_ops.juridico.diagnostico.administration-route:maturity_below_8` +- `customer_ops.juridico.explicacao.administration-route:maturity_below_8` +- `customer_ops.planejamento_estrategico.acao.administration-route:maturity_below_8` +- `customer_ops.planejamento_estrategico.auditoria.administration-route:maturity_below_8` +- `customer_ops.planejamento_estrategico.consulta.administration-route:maturity_below_8` +- `customer_ops.planejamento_estrategico.diagnostico.administration-route:maturity_below_8` +- `customer_ops.planejamento_estrategico.explicacao.administration-route:maturity_below_8` +- `customer_ops.secretaria.acao.administration-route:maturity_below_8` +- `customer_ops.secretaria.auditoria.administration-route:maturity_below_8` +- `customer_ops.secretaria.consulta.administration-route:maturity_below_8` +- `customer_ops.secretaria.diagnostico.administration-route:maturity_below_8` +- `customer_ops.secretaria.explicacao.administration-route:maturity_below_8` +- `customer_ops.suporte.acao.administration-route:maturity_below_8` +- `customer_ops.suporte.auditoria.administration-route:maturity_below_8` +- `customer_ops.suporte.consulta.administration-route:maturity_below_8` +- `customer_ops.suporte.diagnostico.administration-route:maturity_below_8` +- `customer_ops.suporte.explicacao.administration-route:maturity_below_8` +- `customer_ops.tecnico.acao.administration-route:maturity_below_8` +- `customer_ops.tecnico.auditoria.administration-route:maturity_below_8` +- `customer_ops.tecnico.consulta.administration-route:maturity_below_8` +- `customer_ops.tecnico.diagnostico.administration-route:maturity_below_8` +- `customer_ops.tecnico.explicacao.administration-route:maturity_below_8` +- `customer_ops.usuario_final.acao.administration-route:maturity_below_8` +- `customer_ops.usuario_final.auditoria.administration-route:maturity_below_8` +- `customer_ops.usuario_final.consulta.administration-route:maturity_below_8` +- `customer_ops.usuario_final.diagnostico.administration-route:maturity_below_8` +- `customer_ops.usuario_final.explicacao.administration-route:maturity_below_8` +- `docs.administrador_empresa.acao.administration-route:maturity_below_8` +- `docs.administrador_empresa.auditoria.administration-route:maturity_below_8` +- `docs.administrador_empresa.consulta.administration-route:maturity_below_8` +- `docs.administrador_empresa.diagnostico.administration-route:maturity_below_8` +- `docs.administrador_empresa.explicacao.administration-route:maturity_below_8` +- `docs.atendimento_cliente.acao.administration-route:maturity_below_8` +- `docs.atendimento_cliente.auditoria.administration-route:maturity_below_8` +- `docs.atendimento_cliente.consulta.administration-route:maturity_below_8` +- `docs.atendimento_cliente.diagnostico.administration-route:maturity_below_8` +- `docs.atendimento_cliente.explicacao.administration-route:maturity_below_8` +- `docs.ceo.acao.administration-route:maturity_below_8` +- `docs.ceo.auditoria.administration-route:maturity_below_8` +- `docs.ceo.consulta.administration-route:maturity_below_8` +- `docs.ceo.diagnostico.administration-route:maturity_below_8` +- `docs.ceo.explicacao.administration-route:maturity_below_8` + +## Regra operacional + +- Toda consulta, diagnostico, acao, auditoria e explicacao interplataforma deve transitar pelo MCPs Internos. +- Cada caso preserva origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp. +- Valores de segredo bruto nao fazem parte deste catalogo; evidencias usam hashes, traceId, auditId e refs opacas. diff --git a/ecossistema/MCP-GATEWAY-ACCESS-POLICY.md b/ecossistema/MCP-GATEWAY-ACCESS-POLICY.md index 741fd8f..2cb44d9 100644 --- a/ecossistema/MCP-GATEWAY-ACCESS-POLICY.md +++ b/ecossistema/MCP-GATEWAY-ACCESS-POLICY.md @@ -1,7 +1,7 @@ # Politica de acesso GPT/MCP Gateway -- report_id: `mcp-gateway-access-policy-4c43fecbfdf4364a` -- generated_at: `2026-05-02T05:37:02+00:00` +- report_id: `mcp-gateway-access-policy-04b8ffe11da10aa6` +- generated_at: `2026-05-02T06:07:20+00:00` - policy_version: `mcp-gateway-access-policy.v1` - endpoint: `https://mcps-gateway.ami-app.workers.dev/v1/execute` - status: `passed` diff --git a/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md b/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md index ecc9a62..b233a2d 100644 --- a/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md +++ b/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md @@ -1,7 +1,7 @@ # Gate de publicacao MCP Mais Humana -- report_id: `mcp-publication-gate-2026-05-02t0536460000` -- generated_at: `2026-05-02T05:36:46+00:00` +- report_id: `mcp-publication-gate-2026-05-02t0607100000` +- generated_at: `2026-05-02T06:07:10+00:00` - provider_id: `mais_humana` - current_project_id: `tudo-para-ia-mais-humana` - canonical_project_id: `tudo-para-ia-mais-humana-platform` @@ -38,7 +38,6 @@ - account_id: `nao_confirmada` - deploy_dry_run_ok: `False` - blockers: - - `runner_node_esbuild_spawn_eperm` - `wrangler_auth_not_confirmed` ## Probes live @@ -88,7 +87,7 @@ ### 0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais - status: `blocked` -- motivo: fetch/push remoto falhou por SEC_E_NO_CREDENTIALS; repo real local 0/0 antes das mudancas; central divergente 5/10 +- motivo: fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura - evidencias: `git_sync_status` - proxima_acao: corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo @@ -143,7 +142,6 @@ ## Blockers -- `runner_node_esbuild_spawn_eperm` - `wrangler_auth_not_confirmed` - `canonical_name_requires_institutional_decision` - `git_sync_blocked` diff --git a/ecossistema/TARGETED-SYNC-AUDIT.md b/ecossistema/TARGETED-SYNC-AUDIT.md index de495a0..391933d 100644 --- a/ecossistema/TARGETED-SYNC-AUDIT.md +++ b/ecossistema/TARGETED-SYNC-AUDIT.md @@ -1,7 +1,7 @@ # Targeted Git Sync Audit -- report_id: `targeted-sync-audit-240594061246` -- generated_at: `2026-05-02T05:50:23+00:00` +- report_id: `targeted-sync-audit-198691462817` +- generated_at: `2026-05-02T06:07:41+00:00` - status: `diverged` - fetch: `True` @@ -22,7 +22,7 @@ - exists: `True` - git: `True` - branch: `main` -- head: `6b0442f1d01f` +- head: `4a168272e6a3` - ahead: `0` - behind: `0` - dirty: `True` @@ -45,7 +45,7 @@ - head: `372018a349e8` - ahead: `0` - behind: `0` -- dirty: `False` +- dirty: `True` - origin: `https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git` - expected_origin: `https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git` - status: `acl_blocked` @@ -62,7 +62,7 @@ - exists: `True` - git: `True` - branch: `main` -- head: `983cd12f103b` +- head: `c4f03f2006a3` - ahead: `11` - behind: `5` - dirty: `True` diff --git a/ecossistema/WORKSPACE-HYGIENE-REPORT.md b/ecossistema/WORKSPACE-HYGIENE-REPORT.md index 64e0abf..750596f 100644 --- a/ecossistema/WORKSPACE-HYGIENE-REPORT.md +++ b/ecossistema/WORKSPACE-HYGIENE-REPORT.md @@ -1,7 +1,7 @@ # Workspace Hygiene Report -- report_id: `workspace-hygiene-454852741717` -- generated_at: `2026-05-02T05:53:28+00:00` +- report_id: `workspace-hygiene-710614943330` +- generated_at: `2026-05-02T06:07:53+00:00` - project_root: `G:\_codex-git\tudo-para-ia-mais-humana` - central_platform_folder: `G:\_codex-git\nucleo-gestao-operacional\central-de-ordem-de-servico\projects\15_repo_tudo-para-ia-mais-humana-platform` - status: `blocked` @@ -27,8 +27,8 @@ - applied: `True` - deleted: `False` - exists_after: `True` -- children_before: `1309` -- bytes_before: `59624382` +- children_before: `363` +- bytes_before: `1275036` - note: artifact retained by ACL or filesystem lock - error: `PermissionError: [WinError 5] Acesso negado: 'G:\\_codex-git\\tudo-para-ia-mais-humana\\.test-tmp\\tmpnk6r4sdb'` - footprint_errors: diff --git a/matrizes/mcp-admin-route-acceptance.csv b/matrizes/mcp-admin-route-acceptance.csv new file mode 100644 index 0000000..f544bba --- /dev/null +++ b/matrizes/mcp-admin-route-acceptance.csv @@ -0,0 +1,911 @@ +route_id,platform_id,profile_id,operation,tool_id,permission_scope,same_source,status,approval_required,dry_run_supported,evidence_id,blockers +business.administrador_empresa.acao.administration-route,business,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ad52ab3aec8c146ff3726b2d, +business.administrador_empresa.auditoria.administration-route,business,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-10ecf5e6942e1370acc44c11, +business.administrador_empresa.consulta.administration-route,business,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-587d659a4c282c7715078021, +business.administrador_empresa.diagnostico.administration-route,business,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-c7ded42ea265be003bb113b6, +business.administrador_empresa.explicacao.administration-route,business,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-63d6d7de2ac68232ac3c862c, +business.atendimento_cliente.acao.administration-route,business,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-7c7be84ac6782615dfeb38d9, +business.atendimento_cliente.auditoria.administration-route,business,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-4e8c564a2d995bc53735548e, +business.atendimento_cliente.consulta.administration-route,business,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7edecd401588f6ec8c809e03, +business.atendimento_cliente.diagnostico.administration-route,business,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-0d6b7f9fd95b804d2c99c89d, +business.atendimento_cliente.explicacao.administration-route,business,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8efd2d3db8c8e36d1737e931, +business.ceo.acao.administration-route,business,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-8663f918eaf543ba853f6b17, +business.ceo.auditoria.administration-route,business,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-8626f5e4b0fab4f7034f59d5, +business.ceo.consulta.administration-route,business,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-a1b5c73faabc9adb8acba4f6, +business.ceo.diagnostico.administration-route,business,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-97bf7c4fef545240d91a0d67, +business.ceo.explicacao.administration-route,business,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4910d766c7e8e6539ed20de3, +business.cliente_externo.acao.administration-route,business,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-99b8fc9b9bb54a227950015d, +business.cliente_externo.auditoria.administration-route,business,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-432a6b6a41e60ad56931f6d8, +business.cliente_externo.consulta.administration-route,business,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-dfbddc7a711dcfb103a8f023, +business.cliente_externo.diagnostico.administration-route,business,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-4ed9ff47ee3fd85464663f24, +business.cliente_externo.explicacao.administration-route,business,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-ed3386af31a57e0f1e8a85e1, +business.contador.acao.administration-route,business,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-3952a88a55a389ba02c94786, +business.contador.auditoria.administration-route,business,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-6551171148e282da243a88c9, +business.contador.consulta.administration-route,business,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4854f96ae070f53c5b63c43b, +business.contador.diagnostico.administration-route,business,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-2cc3eeed20f5d3fc9be99343, +business.contador.explicacao.administration-route,business,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-748749eeb561e01ef20005bb, +business.financeiro.acao.administration-route,business,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e51c9666ddd06faef25356ba, +business.financeiro.auditoria.administration-route,business,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-ccfd442014b522c5856ea9a8, +business.financeiro.consulta.administration-route,business,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-149d50ebaae9e2bae7355a28, +business.financeiro.diagnostico.administration-route,business,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-694117dd77a32806ecc05dce, +business.financeiro.explicacao.administration-route,business,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-fbd8f174adb84d168c76abc2, +business.gestor_operacional.acao.administration-route,business,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-8343bb447358e74b5ecfa543, +business.gestor_operacional.auditoria.administration-route,business,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-b3a23a04fbfaeefa95b09e65, +business.gestor_operacional.consulta.administration-route,business,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-9869f60d582b7641ac3b4dd9, +business.gestor_operacional.diagnostico.administration-route,business,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-7be9f47cb88e75fb8f69233f, +business.gestor_operacional.explicacao.administration-route,business,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-abde2bf9dad152aadfdffc7e, +business.juridico.acao.administration-route,business,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-8be1ae4a33a9739b2c85887d, +business.juridico.auditoria.administration-route,business,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-a72cb70547a448771ad3ee97, +business.juridico.consulta.administration-route,business,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-cd4d3d5472947cbbf54e313e, +business.juridico.diagnostico.administration-route,business,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d84aa405d12bd4d3a52e0f62, +business.juridico.explicacao.administration-route,business,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-1406eecf16ebedce04528310, +business.planejamento_estrategico.acao.administration-route,business,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ee7fa3972d690dad1a9f6be2, +business.planejamento_estrategico.auditoria.administration-route,business,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-0c08c37c640031563180c4c9, +business.planejamento_estrategico.consulta.administration-route,business,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-42e6ef74d938c77746cdb72c, +business.planejamento_estrategico.diagnostico.administration-route,business,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-a636fc25bd02c4ffb16c6962, +business.planejamento_estrategico.explicacao.administration-route,business,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-390f4acf1816ed6b560751a4, +business.secretaria.acao.administration-route,business,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-9e23c6cdbe89617a2dde08e0, +business.secretaria.auditoria.administration-route,business,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-45083e2a5123c61a5547e5c9, +business.secretaria.consulta.administration-route,business,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5621cbe62605d3c619f2f2b3, +business.secretaria.diagnostico.administration-route,business,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-e8987454edc7c9c674750669, +business.secretaria.explicacao.administration-route,business,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-6f5bef2eb928bbad1f1065c0, +business.suporte.acao.administration-route,business,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-029f16f1af46ae6578c54d12, +business.suporte.auditoria.administration-route,business,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-237e8bbe3e47bbb682b5ea44, +business.suporte.consulta.administration-route,business,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-c66881c2529beb1c3187927b, +business.suporte.diagnostico.administration-route,business,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-a00b226d05e4c8d75f5d85f3, +business.suporte.explicacao.administration-route,business,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-d79ebee53e8c208df54686a9, +business.tecnico.acao.administration-route,business,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-883daaaa95091e12b865b607, +business.tecnico.auditoria.administration-route,business,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-674a5a24f73ed1dfd48eae49, +business.tecnico.consulta.administration-route,business,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-432c72168bf314152e9bdf8e, +business.tecnico.diagnostico.administration-route,business,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-faeee54c17c05c63d6eb6b88, +business.tecnico.explicacao.administration-route,business,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-07fba005b74fd872345c580b, +business.usuario_final.acao.administration-route,business,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-c6e6037125061adc5ed6736e, +business.usuario_final.auditoria.administration-route,business,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-7a9c2f9fd20b59812fbf675f, +business.usuario_final.consulta.administration-route,business,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-6a25903178ca93b54c7673bf, +business.usuario_final.diagnostico.administration-route,business,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-552723b48fd546501370a743, +business.usuario_final.explicacao.administration-route,business,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-372fc021da7ae4a961bca34c, +compliance.administrador_empresa.acao.administration-route,compliance,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-421d97740c6c748241218cd9, +compliance.administrador_empresa.auditoria.administration-route,compliance,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-da71a08a14a5361908269daa, +compliance.administrador_empresa.consulta.administration-route,compliance,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5e1ee3a252953bb0ffa17332, +compliance.administrador_empresa.diagnostico.administration-route,compliance,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d3d75fba0ce5ad7c088fabc2, +compliance.administrador_empresa.explicacao.administration-route,compliance,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-30d751c14e86489cc2b32207, +compliance.atendimento_cliente.acao.administration-route,compliance,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-a0e0d70a285e01aa52447123, +compliance.atendimento_cliente.auditoria.administration-route,compliance,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-e6a362f1d2d20a36edfec854, +compliance.atendimento_cliente.consulta.administration-route,compliance,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-b55c69456db525ee2dbf1c8f, +compliance.atendimento_cliente.diagnostico.administration-route,compliance,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f88ddce83206fbf947371a12, +compliance.atendimento_cliente.explicacao.administration-route,compliance,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-6d9a659e6b5160cc17b38283, +compliance.ceo.acao.administration-route,compliance,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-6fcfe225f146ea6387759298, +compliance.ceo.auditoria.administration-route,compliance,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-2a2a08255aa813ef65a426bd, +compliance.ceo.consulta.administration-route,compliance,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-992f04a502f6ddd9daf0b97b, +compliance.ceo.diagnostico.administration-route,compliance,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-9738c928212fa58c6b0a53fc, +compliance.ceo.explicacao.administration-route,compliance,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-d360c27674acf2dc72bf64f8, +compliance.cliente_externo.acao.administration-route,compliance,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-043eb1e6a85bfc8da961f435, +compliance.cliente_externo.auditoria.administration-route,compliance,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-fccdeeffbefda06bfc324d12, +compliance.cliente_externo.consulta.administration-route,compliance,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-db5b3feefe77274a7ee958dd, +compliance.cliente_externo.diagnostico.administration-route,compliance,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-a7c2e4b1a1a9b7efccef8ef7, +compliance.cliente_externo.explicacao.administration-route,compliance,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-0769489680cf26dec1527f6e, +compliance.contador.acao.administration-route,compliance,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e1574481a65786a59e8667be, +compliance.contador.auditoria.administration-route,compliance,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-dfc305d7e6bc414380927365, +compliance.contador.consulta.administration-route,compliance,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-a781034adf6a863661f74c40, +compliance.contador.diagnostico.administration-route,compliance,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-3096bca3fbed3d072f4ba9c0, +compliance.contador.explicacao.administration-route,compliance,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4a9d30a7a3d2c99afe6519be, +compliance.financeiro.acao.administration-route,compliance,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-d9b19d82ef0a09658c9c29cd, +compliance.financeiro.auditoria.administration-route,compliance,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-711c0bd1b8ce79facd1a08b9, +compliance.financeiro.consulta.administration-route,compliance,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7fbb7dd1323952eeea9a0e1a, +compliance.financeiro.diagnostico.administration-route,compliance,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ca5156c0c8582f5c6e2fb561, +compliance.financeiro.explicacao.administration-route,compliance,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-04399664610dafb4342c7fe8, +compliance.gestor_operacional.acao.administration-route,compliance,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-2c706d2f0f15d65a86425a7e, +compliance.gestor_operacional.auditoria.administration-route,compliance,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-626f043679ceb73668a44c49, +compliance.gestor_operacional.consulta.administration-route,compliance,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-71e9470868e3cd5cee4dcb5d, +compliance.gestor_operacional.diagnostico.administration-route,compliance,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-3965499d44e0f059e2dd2754, +compliance.gestor_operacional.explicacao.administration-route,compliance,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-b2d18bdce27cf85ebc603fc9, +compliance.juridico.acao.administration-route,compliance,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-6d4a344f9a12d1c66d4e3ec6, +compliance.juridico.auditoria.administration-route,compliance,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-2985d0c7dda4c233b2fc59bd, +compliance.juridico.consulta.administration-route,compliance,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-e390831e33de80045514040f, +compliance.juridico.diagnostico.administration-route,compliance,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-c4e66185cdf949f41f90a1ab, +compliance.juridico.explicacao.administration-route,compliance,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-fbe864cfa750654d5741a786, +compliance.planejamento_estrategico.acao.administration-route,compliance,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ad8ccf701e72652bcae80479, +compliance.planejamento_estrategico.auditoria.administration-route,compliance,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-1e1b61e5839fae182833c595, +compliance.planejamento_estrategico.consulta.administration-route,compliance,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-e9e5e308341227e00a81a581, +compliance.planejamento_estrategico.diagnostico.administration-route,compliance,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d219cbd8676c8a88b6927520, +compliance.planejamento_estrategico.explicacao.administration-route,compliance,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-17931610f091a97b1be26182, +compliance.secretaria.acao.administration-route,compliance,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-afb2d9e11859c0d9118a0a0e, +compliance.secretaria.auditoria.administration-route,compliance,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-ceff2af0341593dba74f07cf, +compliance.secretaria.consulta.administration-route,compliance,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-f3d917611ef8bb62c667c747, +compliance.secretaria.diagnostico.administration-route,compliance,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-2a2120f5e6ac500183f8afec, +compliance.secretaria.explicacao.administration-route,compliance,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-1a75fbf206a46a3a867c7f40, +compliance.suporte.acao.administration-route,compliance,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-36499e555d54edeb736f7f8c, +compliance.suporte.auditoria.administration-route,compliance,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-b55cf00e3af8f4ec5e2b8325, +compliance.suporte.consulta.administration-route,compliance,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-298456292b7717b5c5174ec5, +compliance.suporte.diagnostico.administration-route,compliance,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-b67a15a015b3928efc9c4923, +compliance.suporte.explicacao.administration-route,compliance,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-0583bdb82cfbcaec1bfaf870, +compliance.tecnico.acao.administration-route,compliance,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-432adc362307bf454e5eaecd, +compliance.tecnico.auditoria.administration-route,compliance,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-85f41fc0321d80acf250f8e7, +compliance.tecnico.consulta.administration-route,compliance,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-1ee8f578bc1ac6696743b052, +compliance.tecnico.diagnostico.administration-route,compliance,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-8c3d7261a3b3bd85d5cd0cdf, +compliance.tecnico.explicacao.administration-route,compliance,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-2dc1cd5321b9d6cec0531dc7, +compliance.usuario_final.acao.administration-route,compliance,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-c7cdfee0b4d9f6cd6e87276f, +compliance.usuario_final.auditoria.administration-route,compliance,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-103e9ec85a4139f2c1f90e5e, +compliance.usuario_final.consulta.administration-route,compliance,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-8fbc6cc1a391d5e6b10ba806, +compliance.usuario_final.diagnostico.administration-route,compliance,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-491d3e48c0831656557569f6, +compliance.usuario_final.explicacao.administration-route,compliance,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a123e8b4980eb0a70baf654e, +customer_ops.administrador_empresa.acao.administration-route,customer_ops,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-cfcfeb945715dbfc0766a857,maturity_below_8 +customer_ops.administrador_empresa.auditoria.administration-route,customer_ops,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-468e669a7a4d6c1dbb36243d,maturity_below_8 +customer_ops.administrador_empresa.consulta.administration-route,customer_ops,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-654beed97df178ac4c88a751,maturity_below_8 +customer_ops.administrador_empresa.diagnostico.administration-route,customer_ops,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-9465b99e620ea05fe947c33f,maturity_below_8 +customer_ops.administrador_empresa.explicacao.administration-route,customer_ops,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-27c9d015e9618c378e15dbd6,maturity_below_8 +customer_ops.atendimento_cliente.acao.administration-route,customer_ops,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-2fe2360c6250de2eb1f30181,maturity_below_8 +customer_ops.atendimento_cliente.auditoria.administration-route,customer_ops,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-0776a8e2baa4630815cfdf85,maturity_below_8 +customer_ops.atendimento_cliente.consulta.administration-route,customer_ops,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-23eb68b688a8b03a87bf3b13,maturity_below_8 +customer_ops.atendimento_cliente.diagnostico.administration-route,customer_ops,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-ec92a38c6b6cd50ed89669ee,maturity_below_8 +customer_ops.atendimento_cliente.explicacao.administration-route,customer_ops,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-710714600cb92cdaf2cad420,maturity_below_8 +customer_ops.ceo.acao.administration-route,customer_ops,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-50c1d4a820de5a5e7a8e79ae,maturity_below_8 +customer_ops.ceo.auditoria.administration-route,customer_ops,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-81965d72ac4413a0fa2ca2c2,maturity_below_8 +customer_ops.ceo.consulta.administration-route,customer_ops,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-ade72ce74cc7805bf495104b,maturity_below_8 +customer_ops.ceo.diagnostico.administration-route,customer_ops,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f076dbfe397fd7afea49aa3d,maturity_below_8 +customer_ops.ceo.explicacao.administration-route,customer_ops,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-b0d799e832af5c83c87bbcac,maturity_below_8 +customer_ops.cliente_externo.acao.administration-route,customer_ops,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-bc207d782a8726b9db91e6ce,maturity_below_8 +customer_ops.cliente_externo.auditoria.administration-route,customer_ops,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-4ab85da4dd69c9cef99fee4f,maturity_below_8 +customer_ops.cliente_externo.consulta.administration-route,customer_ops,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-0bc254b2277212e67e2ae537,maturity_below_8 +customer_ops.cliente_externo.diagnostico.administration-route,customer_ops,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-53694f2ffdc929ba98eda46d,maturity_below_8 +customer_ops.cliente_externo.explicacao.administration-route,customer_ops,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-5c562be9ba099c04c217ba8b,maturity_below_8 +customer_ops.contador.acao.administration-route,customer_ops,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-042ff382a6edabae3613535e,maturity_below_8 +customer_ops.contador.auditoria.administration-route,customer_ops,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-b93f8a01c9d540c28d8b5229,maturity_below_8 +customer_ops.contador.consulta.administration-route,customer_ops,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-279c334c9e614b70d9427d46,maturity_below_8 +customer_ops.contador.diagnostico.administration-route,customer_ops,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-3f577d0017c4985c273ccbec,maturity_below_8 +customer_ops.contador.explicacao.administration-route,customer_ops,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-1a47beafdef3e1a0a65b75d5,maturity_below_8 +customer_ops.financeiro.acao.administration-route,customer_ops,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-305f88a181f8985a6201d6c0,maturity_below_8 +customer_ops.financeiro.auditoria.administration-route,customer_ops,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-2efe75c71423ea0598e808d3,maturity_below_8 +customer_ops.financeiro.consulta.administration-route,customer_ops,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d2097a7a63a08afd4951e8fd,maturity_below_8 +customer_ops.financeiro.diagnostico.administration-route,customer_ops,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-104291093758ff8329e6cbc6,maturity_below_8 +customer_ops.financeiro.explicacao.administration-route,customer_ops,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-6e84d5e470ce7939a57d3ec9,maturity_below_8 +customer_ops.gestor_operacional.acao.administration-route,customer_ops,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-7f0881bfb3619f4dec476864,maturity_below_8 +customer_ops.gestor_operacional.auditoria.administration-route,customer_ops,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-9fb1d527646472a7c7af2cce,maturity_below_8 +customer_ops.gestor_operacional.consulta.administration-route,customer_ops,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-0ae3a709640c3798f99ae379,maturity_below_8 +customer_ops.gestor_operacional.diagnostico.administration-route,customer_ops,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-de8fb670eb2d0dcc27a08a07,maturity_below_8 +customer_ops.gestor_operacional.explicacao.administration-route,customer_ops,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-3b2b448497187bfb4a9f744b,maturity_below_8 +customer_ops.juridico.acao.administration-route,customer_ops,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-b2b72c38292c8cdea1f2c0f9,maturity_below_8 +customer_ops.juridico.auditoria.administration-route,customer_ops,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-325cae668e905bccd35f1299,maturity_below_8 +customer_ops.juridico.consulta.administration-route,customer_ops,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-1f04cee2aa4c57755f5cf582,maturity_below_8 +customer_ops.juridico.diagnostico.administration-route,customer_ops,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-16b20b7ee526401cda57cbac,maturity_below_8 +customer_ops.juridico.explicacao.administration-route,customer_ops,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-054cb845a74693e4c6ec1481,maturity_below_8 +customer_ops.planejamento_estrategico.acao.administration-route,customer_ops,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-1d51ee78a02f8503afd1eb7b,maturity_below_8 +customer_ops.planejamento_estrategico.auditoria.administration-route,customer_ops,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-7eed4790f072dcb8e0b59e21,maturity_below_8 +customer_ops.planejamento_estrategico.consulta.administration-route,customer_ops,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-ad35a0a7546fc0eed9cb563a,maturity_below_8 +customer_ops.planejamento_estrategico.diagnostico.administration-route,customer_ops,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-8dd56592a613ae636ad2a963,maturity_below_8 +customer_ops.planejamento_estrategico.explicacao.administration-route,customer_ops,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-0e604eb186424a33806ff70a,maturity_below_8 +customer_ops.secretaria.acao.administration-route,customer_ops,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-26ac7a0d6bd3e77ae069e991,maturity_below_8 +customer_ops.secretaria.auditoria.administration-route,customer_ops,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-cd101b589d331f5f5b87dc4f,maturity_below_8 +customer_ops.secretaria.consulta.administration-route,customer_ops,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-93bd4a0806d561c188583260,maturity_below_8 +customer_ops.secretaria.diagnostico.administration-route,customer_ops,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-77a2899e4dab10b18f960f58,maturity_below_8 +customer_ops.secretaria.explicacao.administration-route,customer_ops,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-7d90a286850ff8112e488c11,maturity_below_8 +customer_ops.suporte.acao.administration-route,customer_ops,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-683610d7053f20960e3c1638,maturity_below_8 +customer_ops.suporte.auditoria.administration-route,customer_ops,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-d730899874ccefa4b86e0eeb,maturity_below_8 +customer_ops.suporte.consulta.administration-route,customer_ops,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-255f9f411542bd8b5b1c2a1a,maturity_below_8 +customer_ops.suporte.diagnostico.administration-route,customer_ops,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-a5f945299a57272bf2d04ac2,maturity_below_8 +customer_ops.suporte.explicacao.administration-route,customer_ops,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-e0fc3225de9f64ceed1d77a5,maturity_below_8 +customer_ops.tecnico.acao.administration-route,customer_ops,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-0200da8bc80defc164ea558c,maturity_below_8 +customer_ops.tecnico.auditoria.administration-route,customer_ops,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-99d4a0444c730aa93771554d,maturity_below_8 +customer_ops.tecnico.consulta.administration-route,customer_ops,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-1632aeaab72071db338c0d2f,maturity_below_8 +customer_ops.tecnico.diagnostico.administration-route,customer_ops,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-e900ce6ed1e99a2e2c7a72d6,maturity_below_8 +customer_ops.tecnico.explicacao.administration-route,customer_ops,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-ee21a5df3701899e3850e4bb,maturity_below_8 +customer_ops.usuario_final.acao.administration-route,customer_ops,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-55adffc1b77d4e8924bfa670,maturity_below_8 +customer_ops.usuario_final.auditoria.administration-route,customer_ops,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-254c261b8f7a5d2b76701628,maturity_below_8 +customer_ops.usuario_final.consulta.administration-route,customer_ops,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-8ae008cd96f6ffc8367f9443,maturity_below_8 +customer_ops.usuario_final.diagnostico.administration-route,customer_ops,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-541862d614510bc0e11a0637,maturity_below_8 +customer_ops.usuario_final.explicacao.administration-route,customer_ops,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-e650336a942449a3c3a6dd14,maturity_below_8 +docs.administrador_empresa.acao.administration-route,docs,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-346940b4ec21092bbfdc964b,maturity_below_8 +docs.administrador_empresa.auditoria.administration-route,docs,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-cf3c26e318de54359670b6cb,maturity_below_8 +docs.administrador_empresa.consulta.administration-route,docs,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-4db47c363333808ece2f256a,maturity_below_8 +docs.administrador_empresa.diagnostico.administration-route,docs,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-9efec5d28bfccb7405ae99fd,maturity_below_8 +docs.administrador_empresa.explicacao.administration-route,docs,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-cb60086f8807bc578abec35a,maturity_below_8 +docs.atendimento_cliente.acao.administration-route,docs,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-8a25c8efd479919c831b4943,maturity_below_8 +docs.atendimento_cliente.auditoria.administration-route,docs,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-812f94916921fb1b58fe7eca,maturity_below_8 +docs.atendimento_cliente.consulta.administration-route,docs,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-b57635f4d81c23f26e4b069e,maturity_below_8 +docs.atendimento_cliente.diagnostico.administration-route,docs,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-717faafd09a806dd68b2ff10,maturity_below_8 +docs.atendimento_cliente.explicacao.administration-route,docs,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-d0df968c0b527fc5ae5c59a2,maturity_below_8 +docs.ceo.acao.administration-route,docs,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-301023501546306b1430cf93,maturity_below_8 +docs.ceo.auditoria.administration-route,docs,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-6e1d29531c86f3bfb0536315,maturity_below_8 +docs.ceo.consulta.administration-route,docs,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d60614d35da495f081522b67,maturity_below_8 +docs.ceo.diagnostico.administration-route,docs,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-666b7fd7d72cefd7a4d430b7,maturity_below_8 +docs.ceo.explicacao.administration-route,docs,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-b80ee7036757ea7268212e4a,maturity_below_8 +docs.cliente_externo.acao.administration-route,docs,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-7138a913f72eb38338317af5,maturity_below_8 +docs.cliente_externo.auditoria.administration-route,docs,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-1fe4ea929dcb93c81aa2f218,maturity_below_8 +docs.cliente_externo.consulta.administration-route,docs,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-04942a2e3a4ebff69a11080f,maturity_below_8 +docs.cliente_externo.diagnostico.administration-route,docs,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-e304491952bf6c0558924429,maturity_below_8 +docs.cliente_externo.explicacao.administration-route,docs,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-d371ffd6817c5f0a60e46211,maturity_below_8 +docs.contador.acao.administration-route,docs,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-e97230fe93815d5dafa75afa,maturity_below_8 +docs.contador.auditoria.administration-route,docs,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-bda0cd7ec5af6ee616308b82,maturity_below_8 +docs.contador.consulta.administration-route,docs,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-12c2eb08dfc32437f756dbf2,maturity_below_8 +docs.contador.diagnostico.administration-route,docs,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-6fdc8d784099893a7dd90395,maturity_below_8 +docs.contador.explicacao.administration-route,docs,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-88096c6c37b2d692fc5519bb,maturity_below_8 +docs.financeiro.acao.administration-route,docs,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-e889f2a8edea53987af6e37a,maturity_below_8 +docs.financeiro.auditoria.administration-route,docs,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-8095558a1f35dbf8285f9b79,maturity_below_8 +docs.financeiro.consulta.administration-route,docs,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-c188f72ca7db6298f05a50bc,maturity_below_8 +docs.financeiro.diagnostico.administration-route,docs,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-4eb71444857f2ba191fd98b7,maturity_below_8 +docs.financeiro.explicacao.administration-route,docs,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-133397aabb5a6d639a379379,maturity_below_8 +docs.gestor_operacional.acao.administration-route,docs,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-59450bb08828a812f44adb14,maturity_below_8 +docs.gestor_operacional.auditoria.administration-route,docs,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-4b4935a69b738c2a9be0067b,maturity_below_8 +docs.gestor_operacional.consulta.administration-route,docs,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-9526a5b2284ad5bb22c88c5c,maturity_below_8 +docs.gestor_operacional.diagnostico.administration-route,docs,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-d1b18664677146e54259337f,maturity_below_8 +docs.gestor_operacional.explicacao.administration-route,docs,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-3e6c28d4102456c4c4c17b12,maturity_below_8 +docs.juridico.acao.administration-route,docs,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-50cfb7ba141c7c3fe5dfaac8,maturity_below_8 +docs.juridico.auditoria.administration-route,docs,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-936945b085492100eb39b161,maturity_below_8 +docs.juridico.consulta.administration-route,docs,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-ff1b6e665019433e90f89703,maturity_below_8 +docs.juridico.diagnostico.administration-route,docs,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-8f39fb7c8e2a0a5e64899184,maturity_below_8 +docs.juridico.explicacao.administration-route,docs,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-7c971e0b11f4de780e337b20,maturity_below_8 +docs.planejamento_estrategico.acao.administration-route,docs,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-735be2e45e8c23c5fe4b141e,maturity_below_8 +docs.planejamento_estrategico.auditoria.administration-route,docs,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-229234188a3c8d1b6d1a3e47,maturity_below_8 +docs.planejamento_estrategico.consulta.administration-route,docs,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-34fd3dac4f4b60b2a0fd98b1,maturity_below_8 +docs.planejamento_estrategico.diagnostico.administration-route,docs,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f8cc3dfe95b031376ffada32,maturity_below_8 +docs.planejamento_estrategico.explicacao.administration-route,docs,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-70489882ca4c9756f7e1ac67,maturity_below_8 +docs.secretaria.acao.administration-route,docs,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-6b045129a059adbffe57ef0b,maturity_below_8 +docs.secretaria.auditoria.administration-route,docs,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-b186e63f8b05e7c023fa2282,maturity_below_8 +docs.secretaria.consulta.administration-route,docs,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-58a034366677b0414fd430c6,maturity_below_8 +docs.secretaria.diagnostico.administration-route,docs,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f6fce1cefb9a943c703137c6,maturity_below_8 +docs.secretaria.explicacao.administration-route,docs,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-0d09ca758e0d3ab2ba5cfd6b,maturity_below_8 +docs.suporte.acao.administration-route,docs,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-c9a09bf7bce8d3d33437d2cc,maturity_below_8 +docs.suporte.auditoria.administration-route,docs,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-213670f82d95b62d4a262e7e,maturity_below_8 +docs.suporte.consulta.administration-route,docs,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-11b1f7565fb6bf904abb32f6,maturity_below_8 +docs.suporte.diagnostico.administration-route,docs,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-5763dd2323a382f21ba15caa,maturity_below_8 +docs.suporte.explicacao.administration-route,docs,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-1d9eaa2f127220ba329b6159,maturity_below_8 +docs.tecnico.acao.administration-route,docs,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-a584cab7ba1b8e4d91ca9a5a,maturity_below_8 +docs.tecnico.auditoria.administration-route,docs,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-d5f04b4aa13463904c3bea82,maturity_below_8 +docs.tecnico.consulta.administration-route,docs,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-a5b577fbe8193a3dd934acaa,maturity_below_8 +docs.tecnico.diagnostico.administration-route,docs,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-00d42e7f01430a491fbf0902,maturity_below_8 +docs.tecnico.explicacao.administration-route,docs,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-65ae021ccc43f608782efc48,maturity_below_8 +docs.usuario_final.acao.administration-route,docs,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-8bcb657d48af6a2f7b871020,maturity_below_8 +docs.usuario_final.auditoria.administration-route,docs,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-f3e782b85fb0de5428f11859,maturity_below_8 +docs.usuario_final.consulta.administration-route,docs,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-24ac307af503d971c52146d6,maturity_below_8 +docs.usuario_final.diagnostico.administration-route,docs,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-b49a1ebe140828953b79c4cf,maturity_below_8 +docs.usuario_final.explicacao.administration-route,docs,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-0cffb9e36a2dfd5fb617e512,maturity_below_8 +finance.administrador_empresa.acao.administration-route,finance,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-38902e4eff57593901a8c201, +finance.administrador_empresa.auditoria.administration-route,finance,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-deb7ba20962e59fcb7793c88, +finance.administrador_empresa.consulta.administration-route,finance,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-9a6e77daab5192e31e4af9b9, +finance.administrador_empresa.diagnostico.administration-route,finance,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-2dd5d2f3c7844a92406b4652, +finance.administrador_empresa.explicacao.administration-route,finance,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-351a8a9d422c43c0aeb2979f, +finance.atendimento_cliente.acao.administration-route,finance,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0d0a3277784f1d9adffc2a38, +finance.atendimento_cliente.auditoria.administration-route,finance,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-353641ab2caf151f5ebcc94c, +finance.atendimento_cliente.consulta.administration-route,finance,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7e3a182a520ab8d3c3c1fbe9, +finance.atendimento_cliente.diagnostico.administration-route,finance,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-b062fef129fdd7c828e907cc, +finance.atendimento_cliente.explicacao.administration-route,finance,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-da0618e99186ef8d360b8e92, +finance.ceo.acao.administration-route,finance,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-b0f029500c5e6050bc75765e, +finance.ceo.auditoria.administration-route,finance,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-697ffb03f7454d9ff8a037b3, +finance.ceo.consulta.administration-route,finance,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-f75a3032a748c69a68b5cbbd, +finance.ceo.diagnostico.administration-route,finance,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-3c9d84570c7fec33e47c904b, +finance.ceo.explicacao.administration-route,finance,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-ceb3a94c23c2414498977420, +finance.cliente_externo.acao.administration-route,finance,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e1b15666468dbbd8c38d70cd, +finance.cliente_externo.auditoria.administration-route,finance,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-090cd75846e11b869588172a, +finance.cliente_externo.consulta.administration-route,finance,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-fd87637eca5bd07586c50ef7, +finance.cliente_externo.diagnostico.administration-route,finance,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ac6ed7bb4d06527a8ca04e38, +finance.cliente_externo.explicacao.administration-route,finance,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-3d8066d09a087207ad6a1c7a, +finance.contador.acao.administration-route,finance,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-41329b7474506cbe5ebecc8a, +finance.contador.auditoria.administration-route,finance,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-3a14235f989b05929c8d0a8f, +finance.contador.consulta.administration-route,finance,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-8817e6bdde02179a1821eccf, +finance.contador.diagnostico.administration-route,finance,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f0ba115295cf2f186e840ec4, +finance.contador.explicacao.administration-route,finance,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-988af97e2ac74be5a5016f6a, +finance.financeiro.acao.administration-route,finance,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-603888ff917c998ab7788cad, +finance.financeiro.auditoria.administration-route,finance,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-c1790521c91ae78316586de0, +finance.financeiro.consulta.administration-route,finance,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7d56d890416852a04849a881, +finance.financeiro.diagnostico.administration-route,finance,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-96b68f4424163cdb35885e20, +finance.financeiro.explicacao.administration-route,finance,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-23df5150e457ad917e4cb78f, +finance.gestor_operacional.acao.administration-route,finance,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-2eb34ac9112184c12cc80546, +finance.gestor_operacional.auditoria.administration-route,finance,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-69839b0b197adcd6e60c754a, +finance.gestor_operacional.consulta.administration-route,finance,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-0571a7eadd1e98134bcbcf79, +finance.gestor_operacional.diagnostico.administration-route,finance,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-54809888a3460031f8541831, +finance.gestor_operacional.explicacao.administration-route,finance,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-47af240fcd48eab9b045331e, +finance.juridico.acao.administration-route,finance,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-b2e1458916b959d1ff847138, +finance.juridico.auditoria.administration-route,finance,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-83792d100bc80ba926b5c7d1, +finance.juridico.consulta.administration-route,finance,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-457c071433c0c338a39cd9df, +finance.juridico.diagnostico.administration-route,finance,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f431d840d7d3e80103f8c6db, +finance.juridico.explicacao.administration-route,finance,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a2b1aa81238ab845b8955f37, +finance.planejamento_estrategico.acao.administration-route,finance,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-a0fe9ba2943b1b65606a93eb, +finance.planejamento_estrategico.auditoria.administration-route,finance,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-ceb1ab288edabeeb0a55623d, +finance.planejamento_estrategico.consulta.administration-route,finance,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ce253970562e379b130e24f9, +finance.planejamento_estrategico.diagnostico.administration-route,finance,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-8200dbacc442a1f4fb96cd1f, +finance.planejamento_estrategico.explicacao.administration-route,finance,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-e326cb6a5147fd51dd1d6826, +finance.secretaria.acao.administration-route,finance,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ce7a53f10dcd05366e56159e, +finance.secretaria.auditoria.administration-route,finance,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-9829a2731ae49252fcee349c, +finance.secretaria.consulta.administration-route,finance,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-e27c2a9251dc1713b8173327, +finance.secretaria.diagnostico.administration-route,finance,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-a4c63d4977fe22b3772ec4f6, +finance.secretaria.explicacao.administration-route,finance,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8ace6757a71bb1fb14bb2b38, +finance.suporte.acao.administration-route,finance,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-b263c51956b1a9eaef37b60b, +finance.suporte.auditoria.administration-route,finance,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-e6bbd6aa060b8937aa4fa474, +finance.suporte.consulta.administration-route,finance,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-a3452f5c1e09acd5973c6d81, +finance.suporte.diagnostico.administration-route,finance,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-45093649610a663096f57e67, +finance.suporte.explicacao.administration-route,finance,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-0b6322d10a432869b8772b21, +finance.tecnico.acao.administration-route,finance,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-efef18c33067274c5f1198a2, +finance.tecnico.auditoria.administration-route,finance,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-8a48b93ae3ca4327bf894b35, +finance.tecnico.consulta.administration-route,finance,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-09e2e914611744e4e46b565e, +finance.tecnico.diagnostico.administration-route,finance,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-8b3420d0b708f9bac5601b8c, +finance.tecnico.explicacao.administration-route,finance,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-cc09e762712126e2330f7deb, +finance.usuario_final.acao.administration-route,finance,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-dc219e8fe7c91a700dd08f14, +finance.usuario_final.auditoria.administration-route,finance,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-33380d9bc5049dc78447e5a5, +finance.usuario_final.consulta.administration-route,finance,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-084a97c6a14d8d64739d15fe, +finance.usuario_final.diagnostico.administration-route,finance,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-b5854aada4824a27d8cd5eb0, +finance.usuario_final.explicacao.administration-route,finance,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-1b62b7f73aab864facc887b3, +gettys.administrador_empresa.acao.administration-route,gettys,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-25b7416e2574bbceb5c7c8f2,maturity_below_8 +gettys.administrador_empresa.auditoria.administration-route,gettys,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-ff74c58a6d6f5a0bc49209eb,maturity_below_8 +gettys.administrador_empresa.consulta.administration-route,gettys,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-2452ebaa3195fd63ddc718a0,maturity_below_8 +gettys.administrador_empresa.diagnostico.administration-route,gettys,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-68672253cc0b3388a101a0a6,maturity_below_8 +gettys.administrador_empresa.explicacao.administration-route,gettys,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-d891f54c46914bded1d9791b,maturity_below_8 +gettys.atendimento_cliente.acao.administration-route,gettys,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-30cd60a35dde3f005728874c,maturity_below_8 +gettys.atendimento_cliente.auditoria.administration-route,gettys,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-b4af1499c0ec134c58f39de9,maturity_below_8 +gettys.atendimento_cliente.consulta.administration-route,gettys,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-b006a2171a6ca1b949224bf5,maturity_below_8 +gettys.atendimento_cliente.diagnostico.administration-route,gettys,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-393be80f0887c3eb2b0b9bf4,maturity_below_8 +gettys.atendimento_cliente.explicacao.administration-route,gettys,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-df6b51cb66d6324a08a1b0b9,maturity_below_8 +gettys.ceo.acao.administration-route,gettys,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-8c1d8133cc6af11a0de95db8,maturity_below_8 +gettys.ceo.auditoria.administration-route,gettys,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-d764bd0a538462b80ff313c0,maturity_below_8 +gettys.ceo.consulta.administration-route,gettys,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-90099d4f150347ab1f7a1128,maturity_below_8 +gettys.ceo.diagnostico.administration-route,gettys,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f670f009d44a31f9367a1c35,maturity_below_8 +gettys.ceo.explicacao.administration-route,gettys,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-f38e635c9b171aa6e9f48583,maturity_below_8 +gettys.cliente_externo.acao.administration-route,gettys,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-48fac947a1a18353889ba989,maturity_below_8 +gettys.cliente_externo.auditoria.administration-route,gettys,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-77a25dc530c30a399322d0b1,maturity_below_8 +gettys.cliente_externo.consulta.administration-route,gettys,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-909a322dbfeadd376e71a50e,maturity_below_8 +gettys.cliente_externo.diagnostico.administration-route,gettys,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-d720b747299e81faaeb40e3b,maturity_below_8 +gettys.cliente_externo.explicacao.administration-route,gettys,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-44d20caa2104bb53f85abc9c,maturity_below_8 +gettys.contador.acao.administration-route,gettys,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-9c8287168a83e0a06a185ac1,maturity_below_8 +gettys.contador.auditoria.administration-route,gettys,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-858d0225bcc2f5b81d879b2c,maturity_below_8 +gettys.contador.consulta.administration-route,gettys,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-58a42bb0f859a78d3c92c55c,maturity_below_8 +gettys.contador.diagnostico.administration-route,gettys,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-0841d0af5e756992c9fe0a21,maturity_below_8 +gettys.contador.explicacao.administration-route,gettys,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-9cddf320d13b9530dd1365bf,maturity_below_8 +gettys.financeiro.acao.administration-route,gettys,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-77c66f38f0b242222af855e6,maturity_below_8 +gettys.financeiro.auditoria.administration-route,gettys,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-6f579d768636a7e561843b1d,maturity_below_8 +gettys.financeiro.consulta.administration-route,gettys,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-5458cf34c8bc5cda65cbf35a,maturity_below_8 +gettys.financeiro.diagnostico.administration-route,gettys,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-e6dca188c8549cca4d50925b,maturity_below_8 +gettys.financeiro.explicacao.administration-route,gettys,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-a8afb10492fca8704c80ab35,maturity_below_8 +gettys.gestor_operacional.acao.administration-route,gettys,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-2a070552dce678eab3912dee,maturity_below_8 +gettys.gestor_operacional.auditoria.administration-route,gettys,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-3d95b5a6c8e609db696cf58f,maturity_below_8 +gettys.gestor_operacional.consulta.administration-route,gettys,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d604572e1cc2563442bdcad1,maturity_below_8 +gettys.gestor_operacional.diagnostico.administration-route,gettys,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-3b501230522c68b7ab9776fd,maturity_below_8 +gettys.gestor_operacional.explicacao.administration-route,gettys,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-df3bf3f914060604b4e92fb1,maturity_below_8 +gettys.juridico.acao.administration-route,gettys,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-d5231e50701c671e4d043627,maturity_below_8 +gettys.juridico.auditoria.administration-route,gettys,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-f768c488ce1329af74f361fa,maturity_below_8 +gettys.juridico.consulta.administration-route,gettys,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-09402766b27474133cb6ca15,maturity_below_8 +gettys.juridico.diagnostico.administration-route,gettys,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-77bdfd2d05d143e1b43c89cc,maturity_below_8 +gettys.juridico.explicacao.administration-route,gettys,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-795fdd3477daec12bf268df9,maturity_below_8 +gettys.planejamento_estrategico.acao.administration-route,gettys,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-38d829bf8550a00297414ef0,maturity_below_8 +gettys.planejamento_estrategico.auditoria.administration-route,gettys,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-bf3d234661f4c32f547a3da9,maturity_below_8 +gettys.planejamento_estrategico.consulta.administration-route,gettys,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-011d3e870dad6a663d57a406,maturity_below_8 +gettys.planejamento_estrategico.diagnostico.administration-route,gettys,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-c3dac11f099c50f56cbd5d41,maturity_below_8 +gettys.planejamento_estrategico.explicacao.administration-route,gettys,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-04414f3a32615914131cdfe7,maturity_below_8 +gettys.secretaria.acao.administration-route,gettys,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-94327b22b2779d5bff7e34ed,maturity_below_8 +gettys.secretaria.auditoria.administration-route,gettys,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-e5ccd903b386e7f6092a222f,maturity_below_8 +gettys.secretaria.consulta.administration-route,gettys,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-f5eeb9ab56584cedf7a791b7,maturity_below_8 +gettys.secretaria.diagnostico.administration-route,gettys,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-58032198566c033b5de75fbb,maturity_below_8 +gettys.secretaria.explicacao.administration-route,gettys,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-df0a5ae289519c87f07728c4,maturity_below_8 +gettys.suporte.acao.administration-route,gettys,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-1fa8898366720c482f82fff7,maturity_below_8 +gettys.suporte.auditoria.administration-route,gettys,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-c7611284f17bc637034ed238,maturity_below_8 +gettys.suporte.consulta.administration-route,gettys,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-96fc72ee34aea135b9977c69,maturity_below_8 +gettys.suporte.diagnostico.administration-route,gettys,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-8640a02eec804a6a089146f2,maturity_below_8 +gettys.suporte.explicacao.administration-route,gettys,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-727437b36d4b9a4df558d3b5,maturity_below_8 +gettys.tecnico.acao.administration-route,gettys,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-86645cd7102abc63bc1ccc20,maturity_below_8 +gettys.tecnico.auditoria.administration-route,gettys,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-59883651fb5cb75143e610fc,maturity_below_8 +gettys.tecnico.consulta.administration-route,gettys,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-05f0ea8b86519dffe05a5cf0,maturity_below_8 +gettys.tecnico.diagnostico.administration-route,gettys,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-7ad64f7c4a2682a2577d2025,maturity_below_8 +gettys.tecnico.explicacao.administration-route,gettys,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-340843819c215fff8d5b985e,maturity_below_8 +gettys.usuario_final.acao.administration-route,gettys,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-20bf6594a2b93dcec9180142,maturity_below_8 +gettys.usuario_final.auditoria.administration-route,gettys,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-fc99fbe73e29bffac08aeacd,maturity_below_8 +gettys.usuario_final.consulta.administration-route,gettys,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-e32bdb644ccf4491c28ee070,maturity_below_8 +gettys.usuario_final.diagnostico.administration-route,gettys,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-b22b17776cb3cc1b7d39ec2e,maturity_below_8 +gettys.usuario_final.explicacao.administration-route,gettys,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-4c39c4bb51b1b5307d788fd3,maturity_below_8 +identity.administrador_empresa.acao.administration-route,identity,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-4dc02904b772d72785b85b39, +identity.administrador_empresa.auditoria.administration-route,identity,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-da1ef5ca4ea37101298439bf, +identity.administrador_empresa.consulta.administration-route,identity,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-3e5363ef34f5582d02d902f0, +identity.administrador_empresa.diagnostico.administration-route,identity,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-01da00d8c640650b428b0a9b, +identity.administrador_empresa.explicacao.administration-route,identity,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-befad8975ae7b9df70d0d3cf, +identity.atendimento_cliente.acao.administration-route,identity,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0bf435d17a46773aeb0064e4, +identity.atendimento_cliente.auditoria.administration-route,identity,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-006dcc2fe482730a79d747cf, +identity.atendimento_cliente.consulta.administration-route,identity,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-1004a476fb20e977be59f5b3, +identity.atendimento_cliente.diagnostico.administration-route,identity,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-8d356f4a0dce06848480c5de, +identity.atendimento_cliente.explicacao.administration-route,identity,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-321ad6381d4bf570d3136018, +identity.ceo.acao.administration-route,identity,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ac33883476d87010a6cf5ebe, +identity.ceo.auditoria.administration-route,identity,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-13b66d3b020af13c5ad62780, +identity.ceo.consulta.administration-route,identity,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-fe1cb616738318f6c49dce26, +identity.ceo.diagnostico.administration-route,identity,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-1811f0739e2b978403f424f3, +identity.ceo.explicacao.administration-route,identity,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-3eee024d970981ba1c7da889, +identity.cliente_externo.acao.administration-route,identity,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-f786693279aab920314e158b, +identity.cliente_externo.auditoria.administration-route,identity,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-e33ac64480b6a2417509ef9b, +identity.cliente_externo.consulta.administration-route,identity,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7f56faf92b895123640ffc02, +identity.cliente_externo.diagnostico.administration-route,identity,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-0b10356d8ae58d79a38c2833, +identity.cliente_externo.explicacao.administration-route,identity,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4530c1a8e33b231547fdb89e, +identity.contador.acao.administration-route,identity,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-69085c673f4b4097d228d7d9, +identity.contador.auditoria.administration-route,identity,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-c7205ded04028af09d882bba, +identity.contador.consulta.administration-route,identity,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-f575a8b45c0e7eb9327362e4, +identity.contador.diagnostico.administration-route,identity,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-278037569d638926352ced91, +identity.contador.explicacao.administration-route,identity,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-b4461c22e62ceb76791fc55e, +identity.financeiro.acao.administration-route,identity,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-4f88aad7a1314b20adedf0f9, +identity.financeiro.auditoria.administration-route,identity,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d22a7e4f0b703db7da643f66, +identity.financeiro.consulta.administration-route,identity,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4560a5ac050bd57a423e27ee, +identity.financeiro.diagnostico.administration-route,identity,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-61bbd728827f02caa67d6c53, +identity.financeiro.explicacao.administration-route,identity,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a2bdc0e55bc0477399849334, +identity.gestor_operacional.acao.administration-route,identity,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-40556d0a41d3fdbca8fcbad2, +identity.gestor_operacional.auditoria.administration-route,identity,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-1e0d415c0bc1d7e0a3644902, +identity.gestor_operacional.consulta.administration-route,identity,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-eedef3c753e8b724fca478b0, +identity.gestor_operacional.diagnostico.administration-route,identity,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-0b2e4b9005b91904bb8df555, +identity.gestor_operacional.explicacao.administration-route,identity,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-2524e76e9ebb0d8ada4029c3, +identity.juridico.acao.administration-route,identity,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-7dc304656c3a6625bd9a1db6, +identity.juridico.auditoria.administration-route,identity,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-dd607566444c58d62079882b, +identity.juridico.consulta.administration-route,identity,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-8e2f32b43bbdb0e609644e1e, +identity.juridico.diagnostico.administration-route,identity,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-e4a5641bf3345306d74aa4c4, +identity.juridico.explicacao.administration-route,identity,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-144e72deea9ee28826f57f60, +identity.planejamento_estrategico.acao.administration-route,identity,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-f18b017d7fbd2ae64c2eee19, +identity.planejamento_estrategico.auditoria.administration-route,identity,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-dcc6021bef0055221556da2d, +identity.planejamento_estrategico.consulta.administration-route,identity,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-585a1feee847a4498d471fb9, +identity.planejamento_estrategico.diagnostico.administration-route,identity,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-b3d0145d29e7557c6c02b422, +identity.planejamento_estrategico.explicacao.administration-route,identity,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-b5fb2d19859b44b18a802ba8, +identity.secretaria.acao.administration-route,identity,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-c32a37aebf3a2112dd170ed3, +identity.secretaria.auditoria.administration-route,identity,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-fa9a05f5dfe7936ff0e147e2, +identity.secretaria.consulta.administration-route,identity,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-13383f8f820f52c96cda525a, +identity.secretaria.diagnostico.administration-route,identity,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-70d96fa84f56c71822f9acdf, +identity.secretaria.explicacao.administration-route,identity,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-77088beb55f58f40cca994cf, +identity.suporte.acao.administration-route,identity,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-d2fcc1811f030c1345b4f619, +identity.suporte.auditoria.administration-route,identity,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d2f73bb5280d8dbee8e58268, +identity.suporte.consulta.administration-route,identity,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-f9e103968510e03fbe5bf8a3, +identity.suporte.diagnostico.administration-route,identity,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-1265e85b94d7619c5436764f, +identity.suporte.explicacao.administration-route,identity,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-e69ba1fa120172f4213f589f, +identity.tecnico.acao.administration-route,identity,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0f3801c56cb4b08f947092c4, +identity.tecnico.auditoria.administration-route,identity,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-31c413b0232e71b4710e6327, +identity.tecnico.consulta.administration-route,identity,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-0c7cde9a47075cd3abfd2fe1, +identity.tecnico.diagnostico.administration-route,identity,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ce0375ee4b7b18900bd669b6, +identity.tecnico.explicacao.administration-route,identity,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-c6c0b7722280588a9ace78a0, +identity.usuario_final.acao.administration-route,identity,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-62f0e127eb35ae8c1fb03f70, +identity.usuario_final.auditoria.administration-route,identity,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-1491483488df118ee45f5dd7, +identity.usuario_final.consulta.administration-route,identity,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-2b914cf3641b17869bfa4ab9, +identity.usuario_final.diagnostico.administration-route,identity,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d8711be668a97f11c5a7380c, +identity.usuario_final.explicacao.administration-route,identity,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-5f0921c673c81cc1ac321ef7, +integracoes.administrador_empresa.acao.administration-route,integracoes,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-71748ec665af126c10b797c8, +integracoes.administrador_empresa.auditoria.administration-route,integracoes,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-3de077a4e3cad9654d7400b8, +integracoes.administrador_empresa.consulta.administration-route,integracoes,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-8f53890e9662038851171eee, +integracoes.administrador_empresa.diagnostico.administration-route,integracoes,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-7c3d71082956a95fff719b88, +integracoes.administrador_empresa.explicacao.administration-route,integracoes,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-54c5e6268ed987fb0af8734c, +integracoes.atendimento_cliente.acao.administration-route,integracoes,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-96381c4e36a716a67b6c708d, +integracoes.atendimento_cliente.auditoria.administration-route,integracoes,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-e0e493914892c32cc74a6dab, +integracoes.atendimento_cliente.consulta.administration-route,integracoes,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-de0b904c230ebff3c1ab07d1, +integracoes.atendimento_cliente.diagnostico.administration-route,integracoes,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ae2680aee85f10cea512891b, +integracoes.atendimento_cliente.explicacao.administration-route,integracoes,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8c4c77de81370500e1ede980, +integracoes.ceo.acao.administration-route,integracoes,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-48c50724541aa215fd8d763c, +integracoes.ceo.auditoria.administration-route,integracoes,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-80de1ffd669c9da1d6de38b8, +integracoes.ceo.consulta.administration-route,integracoes,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ae35c606394bc6bc91029f13, +integracoes.ceo.diagnostico.administration-route,integracoes,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-604df2ef6b14d00ef7c8b3cf, +integracoes.ceo.explicacao.administration-route,integracoes,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-366dff8a1661d9bdc3edeb98, +integracoes.cliente_externo.acao.administration-route,integracoes,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-5df244d34e4246ce34b5e4d4, +integracoes.cliente_externo.auditoria.administration-route,integracoes,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-72995a713a20b24f6c67f28f, +integracoes.cliente_externo.consulta.administration-route,integracoes,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-832fc963fbaa5ec8fe75f6d8, +integracoes.cliente_externo.diagnostico.administration-route,integracoes,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-364e7321b8725a0dc884823c, +integracoes.cliente_externo.explicacao.administration-route,integracoes,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-592878b1e05324548d78e0d4, +integracoes.contador.acao.administration-route,integracoes,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-dc43504e86c65413e58fda36, +integracoes.contador.auditoria.administration-route,integracoes,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d06b0cef56f8457b77ee607d, +integracoes.contador.consulta.administration-route,integracoes,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-df99a462f4a34fae52b85dbb, +integracoes.contador.diagnostico.administration-route,integracoes,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-23a969f1068b35a27b37a60b, +integracoes.contador.explicacao.administration-route,integracoes,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-98c8ced87e583cdda0f22e6e, +integracoes.financeiro.acao.administration-route,integracoes,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-8da7afb8a01d4cf05680ad63, +integracoes.financeiro.auditoria.administration-route,integracoes,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-6db1a36922cb406c950cee41, +integracoes.financeiro.consulta.administration-route,integracoes,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-3ff92967f7bc51e96311abec, +integracoes.financeiro.diagnostico.administration-route,integracoes,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-55b9b3fb3bab2823745baa65, +integracoes.financeiro.explicacao.administration-route,integracoes,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8b62c883ef19765e055c1d83, +integracoes.gestor_operacional.acao.administration-route,integracoes,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-515b6a3bc44541087a29e224, +integracoes.gestor_operacional.auditoria.administration-route,integracoes,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-c2fe0a91f3e35727d4f91c6d, +integracoes.gestor_operacional.consulta.administration-route,integracoes,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5419f13ec96212880bc21cde, +integracoes.gestor_operacional.diagnostico.administration-route,integracoes,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-6fedbc1b8d02cfdfb70503a3, +integracoes.gestor_operacional.explicacao.administration-route,integracoes,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-47d4e5117965d3f86217b32e, +integracoes.juridico.acao.administration-route,integracoes,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-9e20a3b04b9903315c6a0593, +integracoes.juridico.auditoria.administration-route,integracoes,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d4ddea48892e181e5fd414fd, +integracoes.juridico.consulta.administration-route,integracoes,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-1262901d3e2c96090944f917, +integracoes.juridico.diagnostico.administration-route,integracoes,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ced9a5325468ea24ca05ae0f, +integracoes.juridico.explicacao.administration-route,integracoes,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-f76f7bcfd159d1b877f1ab02, +integracoes.planejamento_estrategico.acao.administration-route,integracoes,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-93e19c1c30d47cb0f9f05dbd, +integracoes.planejamento_estrategico.auditoria.administration-route,integracoes,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-1088c421f660d90fdafd2e48, +integracoes.planejamento_estrategico.consulta.administration-route,integracoes,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-113a7b2b421ed6b79703cad9, +integracoes.planejamento_estrategico.diagnostico.administration-route,integracoes,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-67d919fb53410ff9f3d31446, +integracoes.planejamento_estrategico.explicacao.administration-route,integracoes,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-b1a01194355fb1bf19411c95, +integracoes.secretaria.acao.administration-route,integracoes,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0cdc019b192bc4c1c6a280b5, +integracoes.secretaria.auditoria.administration-route,integracoes,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-dc8998d31be105b8d3cb842e, +integracoes.secretaria.consulta.administration-route,integracoes,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-647eac2e94c135282564ae61, +integracoes.secretaria.diagnostico.administration-route,integracoes,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-1bb7db57db2420c66f7ad981, +integracoes.secretaria.explicacao.administration-route,integracoes,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-0337cac15092eb32e6a62da5, +integracoes.suporte.acao.administration-route,integracoes,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-06456564d704e1f8fd7b925c, +integracoes.suporte.auditoria.administration-route,integracoes,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-ea84d132b50c89545f64fd5d, +integracoes.suporte.consulta.administration-route,integracoes,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5197bb5204df9ea60ae277d5, +integracoes.suporte.diagnostico.administration-route,integracoes,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-5775efb7d72ea48d1790a068, +integracoes.suporte.explicacao.administration-route,integracoes,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-da5a25cb79ae805041d212ba, +integracoes.tecnico.acao.administration-route,integracoes,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-9014a75fc2c99e6ad2c3ffdb, +integracoes.tecnico.auditoria.administration-route,integracoes,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d96a91887a51c523242d6a09, +integracoes.tecnico.consulta.administration-route,integracoes,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4d5d9dc754ec2a0459d3caef, +integracoes.tecnico.diagnostico.administration-route,integracoes,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-fd064431c41ce024a0ebebbd, +integracoes.tecnico.explicacao.administration-route,integracoes,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8e89b3bad61e1613a09a9937, +integracoes.usuario_final.acao.administration-route,integracoes,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0c9f17aea4cd22d6d077b4b3, +integracoes.usuario_final.auditoria.administration-route,integracoes,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-da9953ce1519cb30e25a1cd5, +integracoes.usuario_final.consulta.administration-route,integracoes,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-dbe5a17c4500ad77cb79f433, +integracoes.usuario_final.diagnostico.administration-route,integracoes,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-53181bba1e402fb74ccdc6bb, +integracoes.usuario_final.explicacao.administration-route,integracoes,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-fae75eab89e7ddcab2bc948f, +intelligence.administrador_empresa.acao.administration-route,intelligence,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-e51fb10711afbbd6d6545eb3,same_source_false +intelligence.administrador_empresa.auditoria.administration-route,intelligence,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-27abd82fae067bcf989f9f97,same_source_false +intelligence.administrador_empresa.consulta.administration-route,intelligence,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-5aea8564ca36f345d35bb99a,same_source_false +intelligence.administrador_empresa.diagnostico.administration-route,intelligence,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-a97f5b221a5ccbe73d8c3034,same_source_false +intelligence.administrador_empresa.explicacao.administration-route,intelligence,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-1f20a64247fad65d9714859a,same_source_false +intelligence.atendimento_cliente.acao.administration-route,intelligence,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-006804297874a769d850042a,same_source_false +intelligence.atendimento_cliente.auditoria.administration-route,intelligence,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-8c24ba50740b0850092f4be3,same_source_false +intelligence.atendimento_cliente.consulta.administration-route,intelligence,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-c2c6bd281c0d0fe58528b69c,same_source_false +intelligence.atendimento_cliente.diagnostico.administration-route,intelligence,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-76b190c91dd8419e5b134d0a,same_source_false +intelligence.atendimento_cliente.explicacao.administration-route,intelligence,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-ce878b9d63510152bdc08121,same_source_false +intelligence.ceo.acao.administration-route,intelligence,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-f2f3159e1337f7f585d61f8f,same_source_false +intelligence.ceo.auditoria.administration-route,intelligence,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-cbdd2f1e558af059e203894c,same_source_false +intelligence.ceo.consulta.administration-route,intelligence,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-b935c651cedf93542a691e8f,same_source_false +intelligence.ceo.diagnostico.administration-route,intelligence,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-2cf7916fe17777fbac6ec777,same_source_false +intelligence.ceo.explicacao.administration-route,intelligence,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-579630bdbbcf01d24f523270,same_source_false +intelligence.cliente_externo.acao.administration-route,intelligence,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-11aed14d148ee16449d85c9d,same_source_false +intelligence.cliente_externo.auditoria.administration-route,intelligence,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-2c1a27444b0cb28881ca49f7,same_source_false +intelligence.cliente_externo.consulta.administration-route,intelligence,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-eaaf0ce9bcffdb720df4b05a,same_source_false +intelligence.cliente_externo.diagnostico.administration-route,intelligence,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-8c49624a98d5e87a5532cec6,same_source_false +intelligence.cliente_externo.explicacao.administration-route,intelligence,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-29ba543a38bf9796c3ce1cbb,same_source_false +intelligence.contador.acao.administration-route,intelligence,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-b014ba9470f3154146637a5a,same_source_false +intelligence.contador.auditoria.administration-route,intelligence,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-1e7c6bfd59dbd7f99af03729,same_source_false +intelligence.contador.consulta.administration-route,intelligence,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-c67169232182ef3a1f23436f,same_source_false +intelligence.contador.diagnostico.administration-route,intelligence,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-e518157558d8cd7c7887dd79,same_source_false +intelligence.contador.explicacao.administration-route,intelligence,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-f507e6b94d33db8ab8013630,same_source_false +intelligence.financeiro.acao.administration-route,intelligence,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-a638c957601742dad67267cf,same_source_false +intelligence.financeiro.auditoria.administration-route,intelligence,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-4d014eb70cf1f7e95517165b,same_source_false +intelligence.financeiro.consulta.administration-route,intelligence,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-2e1739ea25b7d86cb67d42fa,same_source_false +intelligence.financeiro.diagnostico.administration-route,intelligence,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-5e8743c8742b2f5c74971740,same_source_false +intelligence.financeiro.explicacao.administration-route,intelligence,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-f577edbd6b3a46e66079df6b,same_source_false +intelligence.gestor_operacional.acao.administration-route,intelligence,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-79a20430a5650200240b728d,same_source_false +intelligence.gestor_operacional.auditoria.administration-route,intelligence,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-f3ee937ccc839e6f72971c2c,same_source_false +intelligence.gestor_operacional.consulta.administration-route,intelligence,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-3919b10a942f69e041e33502,same_source_false +intelligence.gestor_operacional.diagnostico.administration-route,intelligence,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-ac2b3b2879007775a9f3a246,same_source_false +intelligence.gestor_operacional.explicacao.administration-route,intelligence,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-56cb3aee4ebb458290dc4ee1,same_source_false +intelligence.juridico.acao.administration-route,intelligence,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-c6488f4caf21dfeb87a678f1,same_source_false +intelligence.juridico.auditoria.administration-route,intelligence,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-f7e7d30a62e45a9f0fd63895,same_source_false +intelligence.juridico.consulta.administration-route,intelligence,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-52b702171ad75f41762b84d2,same_source_false +intelligence.juridico.diagnostico.administration-route,intelligence,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-e8673d5d261658103edee90c,same_source_false +intelligence.juridico.explicacao.administration-route,intelligence,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-cc04e38b5dced9c946e1f6b6,same_source_false +intelligence.planejamento_estrategico.acao.administration-route,intelligence,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-3f365cabffcab3ad2b19d5d1,same_source_false +intelligence.planejamento_estrategico.auditoria.administration-route,intelligence,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-4d2196bff50ff432c770efb1,same_source_false +intelligence.planejamento_estrategico.consulta.administration-route,intelligence,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-36d9f919a330b107e731c039,same_source_false +intelligence.planejamento_estrategico.diagnostico.administration-route,intelligence,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-1ec5d2cd453318c0ed4e2bcd,same_source_false +intelligence.planejamento_estrategico.explicacao.administration-route,intelligence,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-8be1669593e780018ed9ba68,same_source_false +intelligence.secretaria.acao.administration-route,intelligence,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-7c7776f90948fda7891e450b,same_source_false +intelligence.secretaria.auditoria.administration-route,intelligence,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-c7dcb1ae8de85d29ebef497c,same_source_false +intelligence.secretaria.consulta.administration-route,intelligence,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-3edde4c82aece8f300b10a6f,same_source_false +intelligence.secretaria.diagnostico.administration-route,intelligence,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-0a774c117757bff38bf1f4e0,same_source_false +intelligence.secretaria.explicacao.administration-route,intelligence,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-4e58db4b57e9bc4c47fcc4a1,same_source_false +intelligence.suporte.acao.administration-route,intelligence,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-9d47834080979dff3a96b0d5,same_source_false +intelligence.suporte.auditoria.administration-route,intelligence,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-41e25d28fd1690aea547fc1f,same_source_false +intelligence.suporte.consulta.administration-route,intelligence,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-9981db04001cece8f9521605,same_source_false +intelligence.suporte.diagnostico.administration-route,intelligence,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-ccbdf29e6b7b7fb6139791a1,same_source_false +intelligence.suporte.explicacao.administration-route,intelligence,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-fef1685d1556ed27fa5d580c,same_source_false +intelligence.tecnico.acao.administration-route,intelligence,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-7bb5d562b90c0c52c50d301e,same_source_false +intelligence.tecnico.auditoria.administration-route,intelligence,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-a32854225aaeb19aedc12f5c,same_source_false +intelligence.tecnico.consulta.administration-route,intelligence,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-a91d571bd1319c6d1e7647e5,same_source_false +intelligence.tecnico.diagnostico.administration-route,intelligence,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-4970930f34fccc58277f65dd,same_source_false +intelligence.tecnico.explicacao.administration-route,intelligence,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-04e4410ef3c227c94b63d102,same_source_false +intelligence.usuario_final.acao.administration-route,intelligence,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,no,blocked,yes,yes,evidence-e925fd4b74aa5ffaa3f4683e,same_source_false +intelligence.usuario_final.auditoria.administration-route,intelligence,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,no,blocked,yes,yes,evidence-b914287b979293728ee78782,same_source_false +intelligence.usuario_final.consulta.administration-route,intelligence,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,no,blocked,yes,yes,evidence-d78dc30e912612037e7e8763,same_source_false +intelligence.usuario_final.diagnostico.administration-route,intelligence,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,no,blocked,yes,yes,evidence-318d37a9b539a966c8eba0d1,same_source_false +intelligence.usuario_final.explicacao.administration-route,intelligence,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,no,blocked,yes,yes,evidence-197064a1a9c4f5151b8aaf71,same_source_false +mcps.administrador_empresa.acao.administration-route,mcps,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-ff3cb5d7815bce1ebff74644, +mcps.administrador_empresa.auditoria.administration-route,mcps,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-9ff5eced39a12c02a3bc15cf, +mcps.administrador_empresa.consulta.administration-route,mcps,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-9347d368f74fd8c55e7f0354, +mcps.administrador_empresa.diagnostico.administration-route,mcps,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-bad9c3151339bb859220ef80, +mcps.administrador_empresa.explicacao.administration-route,mcps,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-7e1284940968cc106f2576da, +mcps.atendimento_cliente.acao.administration-route,mcps,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-17872d16f41e8f9eaf2d7198, +mcps.atendimento_cliente.auditoria.administration-route,mcps,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-e8093a4f2c25eb901ec67f66, +mcps.atendimento_cliente.consulta.administration-route,mcps,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-1a02886aaf226efaaeda7cd6, +mcps.atendimento_cliente.diagnostico.administration-route,mcps,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f6159e65ab0519d040be1f9e, +mcps.atendimento_cliente.explicacao.administration-route,mcps,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-f8cc2df9cc6e3f08d0e1367e, +mcps.ceo.acao.administration-route,mcps,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-80bcd12139e3bab80c207b5f, +mcps.ceo.auditoria.administration-route,mcps,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-c045116584ecb609b1d7c548, +mcps.ceo.consulta.administration-route,mcps,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ba64660a7d5d9d75537b532d, +mcps.ceo.diagnostico.administration-route,mcps,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-b8ca619a4607edef85926d56, +mcps.ceo.explicacao.administration-route,mcps,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-aca55df20dde5d7720958b9a, +mcps.cliente_externo.acao.administration-route,mcps,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-dccfe9a9477b956b3e86af69, +mcps.cliente_externo.auditoria.administration-route,mcps,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-4975723a7aeeeb762ae719c7, +mcps.cliente_externo.consulta.administration-route,mcps,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-59bdaf0880f79d05c5126856, +mcps.cliente_externo.diagnostico.administration-route,mcps,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-e58f51d466dc73633f298b7f, +mcps.cliente_externo.explicacao.administration-route,mcps,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-374ba4ad0a09ebecc4325bc1, +mcps.contador.acao.administration-route,mcps,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-719cc211ea59a402ed9f4707, +mcps.contador.auditoria.administration-route,mcps,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-f6d3e337f98bdc4e514d3871, +mcps.contador.consulta.administration-route,mcps,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5d965deeb3b92a83dabd5336, +mcps.contador.diagnostico.administration-route,mcps,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d563ccd356b9ff1b95573d9f, +mcps.contador.explicacao.administration-route,mcps,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4af571b1d285771cbc78ddee, +mcps.financeiro.acao.administration-route,mcps,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-92a98dfd414054a33bf0c718, +mcps.financeiro.auditoria.administration-route,mcps,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-b9936ee9a3ea8b0176bb7df3, +mcps.financeiro.consulta.administration-route,mcps,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-f301fbfec2358b733be30490, +mcps.financeiro.diagnostico.administration-route,mcps,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f0d5209c1a5a9a9a33806ffa, +mcps.financeiro.explicacao.administration-route,mcps,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-d79aa10fdcdeb68fb9674c24, +mcps.gestor_operacional.acao.administration-route,mcps,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-bd29f454b2e66cb17ee1e91c, +mcps.gestor_operacional.auditoria.administration-route,mcps,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d7b5f8d62f34b390904101eb, +mcps.gestor_operacional.consulta.administration-route,mcps,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-d90af0ddde1e6e008552129c, +mcps.gestor_operacional.diagnostico.administration-route,mcps,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-e08e9d7c5ef7ba70959d2f31, +mcps.gestor_operacional.explicacao.administration-route,mcps,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a0cf5577842151f34cf24883, +mcps.juridico.acao.administration-route,mcps,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-dc9f6ccf80844bc8721c714a, +mcps.juridico.auditoria.administration-route,mcps,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-824da85c88101f8f623a8e55, +mcps.juridico.consulta.administration-route,mcps,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-3232ea78796077cb1b1fc18e, +mcps.juridico.diagnostico.administration-route,mcps,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-475db604c79db056c3e5c929, +mcps.juridico.explicacao.administration-route,mcps,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-fcbc4a44dfb49f4159b95fd2, +mcps.planejamento_estrategico.acao.administration-route,mcps,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-fff1ccac685319cdf8bffbf6, +mcps.planejamento_estrategico.auditoria.administration-route,mcps,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-b499e2611c74801c59c3c400, +mcps.planejamento_estrategico.consulta.administration-route,mcps,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-d021810f3449196c500a4461, +mcps.planejamento_estrategico.diagnostico.administration-route,mcps,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-54f32d27405cb76107af9398, +mcps.planejamento_estrategico.explicacao.administration-route,mcps,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-99f93b2c5c026440341a9def, +mcps.secretaria.acao.administration-route,mcps,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-b6cf45b5966d4ef50ab4693a, +mcps.secretaria.auditoria.administration-route,mcps,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-80bf0d845797a5f6daf0a15c, +mcps.secretaria.consulta.administration-route,mcps,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-eecc3fcb8014ed3c4d6ce8ec, +mcps.secretaria.diagnostico.administration-route,mcps,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-de8683d64a31bf51f50c0c3a, +mcps.secretaria.explicacao.administration-route,mcps,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-5296d5ba394e8ab766e15f03, +mcps.suporte.acao.administration-route,mcps,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-b7c055d2958976df84d6e83b, +mcps.suporte.auditoria.administration-route,mcps,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-486670ba3e75b7a635a515f8, +mcps.suporte.consulta.administration-route,mcps,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ab7c1db1f7de211ebd03428a, +mcps.suporte.diagnostico.administration-route,mcps,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-40ee418eea684a1366eada24, +mcps.suporte.explicacao.administration-route,mcps,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-adcbc0389692e69e5bf59402, +mcps.tecnico.acao.administration-route,mcps,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-89479cca7c85ddb6e1859669, +mcps.tecnico.auditoria.administration-route,mcps,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-52579cebc040238f21659eb9, +mcps.tecnico.consulta.administration-route,mcps,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-de76cd086d2bb8364ea10224, +mcps.tecnico.diagnostico.administration-route,mcps,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-3fdbc3064f1840eb0528c451, +mcps.tecnico.explicacao.administration-route,mcps,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-addd8b65c3355261eceea2b0, +mcps.usuario_final.acao.administration-route,mcps,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-c7e83904604f2c94d1571293, +mcps.usuario_final.auditoria.administration-route,mcps,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-5f036419dc3080297d026fdb, +mcps.usuario_final.consulta.administration-route,mcps,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-d0e4c8400a964edd67e5817c, +mcps.usuario_final.diagnostico.administration-route,mcps,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f7058ba3b7600deb33a6d2f2, +mcps.usuario_final.explicacao.administration-route,mcps,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-cda60200d392b2fb9b8edc16, +platform_base.administrador_empresa.acao.administration-route,platform_base,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-d1397e4817df5543ea22707e,maturity_below_8 +platform_base.administrador_empresa.auditoria.administration-route,platform_base,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-e7f1ba3ff550869e85e155d4,maturity_below_8 +platform_base.administrador_empresa.consulta.administration-route,platform_base,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-f85dac8479e3aa279531b2bd,maturity_below_8 +platform_base.administrador_empresa.diagnostico.administration-route,platform_base,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-4da4c177a9643e83a9079785,maturity_below_8 +platform_base.administrador_empresa.explicacao.administration-route,platform_base,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-29528d931a83f0056e86c406,maturity_below_8 +platform_base.atendimento_cliente.acao.administration-route,platform_base,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-98fa40d2123bf9c4b5590355,maturity_below_8 +platform_base.atendimento_cliente.auditoria.administration-route,platform_base,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-3da416f3038c3a50e43db3ca,maturity_below_8 +platform_base.atendimento_cliente.consulta.administration-route,platform_base,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-48377a153f7d12bdcc36665d,maturity_below_8 +platform_base.atendimento_cliente.diagnostico.administration-route,platform_base,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-af0d93011df3e5c96757524d,maturity_below_8 +platform_base.atendimento_cliente.explicacao.administration-route,platform_base,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-04c88fef522e7a71f1ca007b,maturity_below_8 +platform_base.ceo.acao.administration-route,platform_base,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-3a26509e3767c56a6df5c3ac,maturity_below_8 +platform_base.ceo.auditoria.administration-route,platform_base,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-cca2797590077f8349d24bd5,maturity_below_8 +platform_base.ceo.consulta.administration-route,platform_base,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-c16738d63fad330503d2ab12,maturity_below_8 +platform_base.ceo.diagnostico.administration-route,platform_base,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-0bcf2c11f1255724212fb16d,maturity_below_8 +platform_base.ceo.explicacao.administration-route,platform_base,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-28ee3572f27c330f2e49afa0,maturity_below_8 +platform_base.cliente_externo.acao.administration-route,platform_base,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-1542d41b83c5fb01d28535ab,maturity_below_8 +platform_base.cliente_externo.auditoria.administration-route,platform_base,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-5a473c36e08a6c8555cc80cd,maturity_below_8 +platform_base.cliente_externo.consulta.administration-route,platform_base,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-7fd0b5bcf0748924edbf11f5,maturity_below_8 +platform_base.cliente_externo.diagnostico.administration-route,platform_base,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-cd79e691cbfefba35e6eaed8,maturity_below_8 +platform_base.cliente_externo.explicacao.administration-route,platform_base,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-5b5ec4ae249b07b2114f0b3f,maturity_below_8 +platform_base.contador.acao.administration-route,platform_base,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-dcbbb3d1d458d04cee4a5668,maturity_below_8 +platform_base.contador.auditoria.administration-route,platform_base,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-3d4d3f6e880ed8b9c19be93a,maturity_below_8 +platform_base.contador.consulta.administration-route,platform_base,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-3d6a1724f1500bc6edb20f3d,maturity_below_8 +platform_base.contador.diagnostico.administration-route,platform_base,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-3e06b6c028c575fae54da2e5,maturity_below_8 +platform_base.contador.explicacao.administration-route,platform_base,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-670e29a7ed61c62814cf2aca,maturity_below_8 +platform_base.financeiro.acao.administration-route,platform_base,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-b665fefe8dc6445658c2d64b,maturity_below_8 +platform_base.financeiro.auditoria.administration-route,platform_base,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-7466ad9e0e433c2f63afb9a0,maturity_below_8 +platform_base.financeiro.consulta.administration-route,platform_base,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-31749edfb6f3516eab893c34,maturity_below_8 +platform_base.financeiro.diagnostico.administration-route,platform_base,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-41c0d274634355757352400a,maturity_below_8 +platform_base.financeiro.explicacao.administration-route,platform_base,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-10ff2da799ff5c16cfd994ba,maturity_below_8 +platform_base.gestor_operacional.acao.administration-route,platform_base,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-417d43e7fcb7fac830afd008,maturity_below_8 +platform_base.gestor_operacional.auditoria.administration-route,platform_base,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-97727869fea4537a904058ac,maturity_below_8 +platform_base.gestor_operacional.consulta.administration-route,platform_base,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-9d2d8f823bbc0aee39265efc,maturity_below_8 +platform_base.gestor_operacional.diagnostico.administration-route,platform_base,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-c2b03d99ddd1d9cd8bb380d3,maturity_below_8 +platform_base.gestor_operacional.explicacao.administration-route,platform_base,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-c3ba59d0ba4b9c13dbedf3a3,maturity_below_8 +platform_base.juridico.acao.administration-route,platform_base,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-132bbdd0201390ca2084d82b,maturity_below_8 +platform_base.juridico.auditoria.administration-route,platform_base,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-8c2a6150e9be682dda9bb877,maturity_below_8 +platform_base.juridico.consulta.administration-route,platform_base,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-73a7c837d50dd14f39eb039a,maturity_below_8 +platform_base.juridico.diagnostico.administration-route,platform_base,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f38163ace7ba6e275eb6943d,maturity_below_8 +platform_base.juridico.explicacao.administration-route,platform_base,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-73a2e0684d60d242176da6e2,maturity_below_8 +platform_base.planejamento_estrategico.acao.administration-route,platform_base,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-6fc0d1cc9664d132f2f62505,maturity_below_8 +platform_base.planejamento_estrategico.auditoria.administration-route,platform_base,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-9e2e61aca36885973fca3b27,maturity_below_8 +platform_base.planejamento_estrategico.consulta.administration-route,platform_base,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-de5cce41812b1674bf6113bf,maturity_below_8 +platform_base.planejamento_estrategico.diagnostico.administration-route,platform_base,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-91ea08d8d52bd1c9b4bac5fb,maturity_below_8 +platform_base.planejamento_estrategico.explicacao.administration-route,platform_base,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-9c7d29f9efeed9b704465295,maturity_below_8 +platform_base.secretaria.acao.administration-route,platform_base,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-364c95a5ea33639ac5ab1e15,maturity_below_8 +platform_base.secretaria.auditoria.administration-route,platform_base,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-4a2b72b6abff354417312d91,maturity_below_8 +platform_base.secretaria.consulta.administration-route,platform_base,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d47022ffd52edc4e808d2bbb,maturity_below_8 +platform_base.secretaria.diagnostico.administration-route,platform_base,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-d210758a0bb60cc8cc1ed4cc,maturity_below_8 +platform_base.secretaria.explicacao.administration-route,platform_base,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-b83ed6d75faa838b34a584d0,maturity_below_8 +platform_base.suporte.acao.administration-route,platform_base,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-fa573d8d6eb6e6305a1c5c02,maturity_below_8 +platform_base.suporte.auditoria.administration-route,platform_base,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-47a359703c3832f57e72ef11,maturity_below_8 +platform_base.suporte.consulta.administration-route,platform_base,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-2ac3a8f12230c256dfab68ac,maturity_below_8 +platform_base.suporte.diagnostico.administration-route,platform_base,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-e341afdf6a633711cac32641,maturity_below_8 +platform_base.suporte.explicacao.administration-route,platform_base,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-9a0d45054caab3ea3b375378,maturity_below_8 +platform_base.tecnico.acao.administration-route,platform_base,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-3946eae3030540f5816a167d,maturity_below_8 +platform_base.tecnico.auditoria.administration-route,platform_base,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-04a9dcbdcf8424191745b6bb,maturity_below_8 +platform_base.tecnico.consulta.administration-route,platform_base,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d644e71596667f455b9a18d7,maturity_below_8 +platform_base.tecnico.diagnostico.administration-route,platform_base,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-cc6f3afc2e5ab81f9dc1ab10,maturity_below_8 +platform_base.tecnico.explicacao.administration-route,platform_base,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-13687fad9ed22fd2ecf77f9f,maturity_below_8 +platform_base.usuario_final.acao.administration-route,platform_base,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-620dd3db23cc3d828b699a02,maturity_below_8 +platform_base.usuario_final.auditoria.administration-route,platform_base,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-d6bd394eb2b502f32d64803a,maturity_below_8 +platform_base.usuario_final.consulta.administration-route,platform_base,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-88841d254094f0f591c22de7,maturity_below_8 +platform_base.usuario_final.diagnostico.administration-route,platform_base,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f54ed61e4b7aabea159c6c84,maturity_below_8 +platform_base.usuario_final.explicacao.administration-route,platform_base,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-58927bcd883440c2cdd325a1,maturity_below_8 +public.administrador_empresa.acao.administration-route,public,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-38ad0b001299cdd0a3895e24, +public.administrador_empresa.auditoria.administration-route,public,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-fc6a9c96e0a1f828ada4d395, +public.administrador_empresa.consulta.administration-route,public,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-0897f64598cf9c942f25767e, +public.administrador_empresa.diagnostico.administration-route,public,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-f7f62bbd22252a0fd73b4b95, +public.administrador_empresa.explicacao.administration-route,public,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4eaedbb70cc90cb7629105fe, +public.atendimento_cliente.acao.administration-route,public,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-230f99afbd0dcc741a527b53, +public.atendimento_cliente.auditoria.administration-route,public,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-fc1ea5c77be2b2a292986c8b, +public.atendimento_cliente.consulta.administration-route,public,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-94f70fdf431a7e5b9355f8bc, +public.atendimento_cliente.diagnostico.administration-route,public,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-56f356b2010d816837f12f99, +public.atendimento_cliente.explicacao.administration-route,public,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-61fd0a2ca23c7f41d79ae51d, +public.ceo.acao.administration-route,public,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-9566bdb3a2222cb96e26f9ee, +public.ceo.auditoria.administration-route,public,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-9d092c45bf3df2ca03bd8704, +public.ceo.consulta.administration-route,public,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-87730be971111ba6befea3f6, +public.ceo.diagnostico.administration-route,public,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-4469eecaa81f0524f2647cc6, +public.ceo.explicacao.administration-route,public,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8ea3d1659b6908a507fdf3eb, +public.cliente_externo.acao.administration-route,public,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-bf11e5b6a4498f72394ae63b, +public.cliente_externo.auditoria.administration-route,public,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-816fd1f171186e7c92cdd0d0, +public.cliente_externo.consulta.administration-route,public,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-6ed5a774705440321f834fb8, +public.cliente_externo.diagnostico.administration-route,public,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-cbae58fd5eb64b1cf8a4514a, +public.cliente_externo.explicacao.administration-route,public,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-66fd904c37f80293f31793d5, +public.contador.acao.administration-route,public,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-1c715dbb06ac377a9a814c0a, +public.contador.auditoria.administration-route,public,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-71e8e922af011ca661844b3a, +public.contador.consulta.administration-route,public,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4e10ce9edda7cbc9cdaf9095, +public.contador.diagnostico.administration-route,public,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-c27e84bd7e73a64d358bf38a, +public.contador.explicacao.administration-route,public,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-c13249624a3ccb7341b78846, +public.financeiro.acao.administration-route,public,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-fca6ecaa1fcfa137261c19eb, +public.financeiro.auditoria.administration-route,public,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-fa67f95f46c0748ac9e6fd8e, +public.financeiro.consulta.administration-route,public,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7cb658e0061fd8141bbd171e, +public.financeiro.diagnostico.administration-route,public,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-4ba2121bb62277671373041b, +public.financeiro.explicacao.administration-route,public,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-730fbf5673c1bdc6970ec66c, +public.gestor_operacional.acao.administration-route,public,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-1c6e54a0e1b5cfd94f4fed42, +public.gestor_operacional.auditoria.administration-route,public,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-2a110e5dfb732b6b87853d40, +public.gestor_operacional.consulta.administration-route,public,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ff692492064c6ae37d45b861, +public.gestor_operacional.diagnostico.administration-route,public,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ba85aa8ac5cdeff2da2ca4b6, +public.gestor_operacional.explicacao.administration-route,public,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-fe2976e7ffda9b416ff9004a, +public.juridico.acao.administration-route,public,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-a9572c37dae928dc04a5b5e2, +public.juridico.auditoria.administration-route,public,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-13f107a84bde2a940751a025, +public.juridico.consulta.administration-route,public,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-3ea300317e9980ac854f6832, +public.juridico.diagnostico.administration-route,public,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-0168e9f0b9d118de035f435c, +public.juridico.explicacao.administration-route,public,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-eebbd28ffb8a987d430b89cf, +public.planejamento_estrategico.acao.administration-route,public,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-d04b833573d656a71ec26e58, +public.planejamento_estrategico.auditoria.administration-route,public,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-45c51ed8fdd0477b74c2a0f6, +public.planejamento_estrategico.consulta.administration-route,public,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-b9cbe387c4bbbcbfe2482e29, +public.planejamento_estrategico.diagnostico.administration-route,public,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-47489c60d1e69f88350c6b79, +public.planejamento_estrategico.explicacao.administration-route,public,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-4463d2fa972a1ddb5d80fd79, +public.secretaria.acao.administration-route,public,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-d535086775a5109b3ab44c6b, +public.secretaria.auditoria.administration-route,public,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-25246b31471c1e71dbd9e8a7, +public.secretaria.consulta.administration-route,public,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-af12a24a4d0ad6a86a2e5460, +public.secretaria.diagnostico.administration-route,public,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-4c8d69ed7ffff7e179858090, +public.secretaria.explicacao.administration-route,public,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a1c44badc8968abcd78bf340, +public.suporte.acao.administration-route,public,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-1b7ac7edfc0c36a89ce9f419, +public.suporte.auditoria.administration-route,public,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-2d4daccd7553b55a9d5fc4c8, +public.suporte.consulta.administration-route,public,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-626c9e82bc4bc38c5d7ec216, +public.suporte.diagnostico.administration-route,public,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-4d68e540040751dfeb000296, +public.suporte.explicacao.administration-route,public,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-a97b982b55b2155ae7628371, +public.tecnico.acao.administration-route,public,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-0b155e6c901bba3f772d55a8, +public.tecnico.auditoria.administration-route,public,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-73725264061aeed93ccbd02e, +public.tecnico.consulta.administration-route,public,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-6bd37868fc9a15837a8d75e5, +public.tecnico.diagnostico.administration-route,public,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-131ddbb18706f5acb8725584, +public.tecnico.explicacao.administration-route,public,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-6429f33f2d5734026864c560, +public.usuario_final.acao.administration-route,public,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-536b13d24535ada15101eb35, +public.usuario_final.auditoria.administration-route,public,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-8967a86e3a70ccc17223d7d4, +public.usuario_final.consulta.administration-route,public,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7138eb3da2a65867274c4a8d, +public.usuario_final.diagnostico.administration-route,public,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-601a5768cde734540f6d3cb4, +public.usuario_final.explicacao.administration-route,public,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-23ca64922a9da8632be0ff21, +stj.administrador_empresa.acao.administration-route,stj,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-4e0cfc003e1cabf6251d0030,maturity_below_8 +stj.administrador_empresa.auditoria.administration-route,stj,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-77b01b5d2e0edaed11aef5ff,maturity_below_8 +stj.administrador_empresa.consulta.administration-route,stj,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-288d2d7101e9457a3f7bf0ec,maturity_below_8 +stj.administrador_empresa.diagnostico.administration-route,stj,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-a1af6896fc2e71f91ff4b8a3,maturity_below_8 +stj.administrador_empresa.explicacao.administration-route,stj,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-6b85cfe4d922b86f042a9ffe,maturity_below_8 +stj.atendimento_cliente.acao.administration-route,stj,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-a18b1c6425ce27255b32fce5,maturity_below_8 +stj.atendimento_cliente.auditoria.administration-route,stj,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-669c52d358d44bd081f7912b,maturity_below_8 +stj.atendimento_cliente.consulta.administration-route,stj,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-81f471ea333879874d44c710,maturity_below_8 +stj.atendimento_cliente.diagnostico.administration-route,stj,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-d0a3b492bda2e137e2d539cc,maturity_below_8 +stj.atendimento_cliente.explicacao.administration-route,stj,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-6bea8f174837edf1ebedffb3,maturity_below_8 +stj.ceo.acao.administration-route,stj,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-dfa38d62c54b14873588322e,maturity_below_8 +stj.ceo.auditoria.administration-route,stj,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-ad32707acf1a4764020f329d,maturity_below_8 +stj.ceo.consulta.administration-route,stj,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-42cfe0f3803bc873b21f9cfc,maturity_below_8 +stj.ceo.diagnostico.administration-route,stj,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-dd2129db81fc1fdf2c0d83f8,maturity_below_8 +stj.ceo.explicacao.administration-route,stj,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-6fdf4a4863b4011e5a23f294,maturity_below_8 +stj.cliente_externo.acao.administration-route,stj,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-0ac937cdd1f5c9336c631cde,maturity_below_8 +stj.cliente_externo.auditoria.administration-route,stj,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-0689b028d265158d0ca61fe7,maturity_below_8 +stj.cliente_externo.consulta.administration-route,stj,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-9a711d03769aa20ed7fa11d9,maturity_below_8 +stj.cliente_externo.diagnostico.administration-route,stj,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-d4e14a224577c50f7273ccdc,maturity_below_8 +stj.cliente_externo.explicacao.administration-route,stj,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-cd9b450a69d6cfe7ce59f42a,maturity_below_8 +stj.contador.acao.administration-route,stj,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-e186ce79de6625301f7b16f1,maturity_below_8 +stj.contador.auditoria.administration-route,stj,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-47ade196bf0ccfc76ee2cb3c,maturity_below_8 +stj.contador.consulta.administration-route,stj,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-7005161bf67ac2f61a8efbe2,maturity_below_8 +stj.contador.diagnostico.administration-route,stj,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-0f833de0823eb3b3b731cf5b,maturity_below_8 +stj.contador.explicacao.administration-route,stj,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-2fa7b7e80dd8807e70541f74,maturity_below_8 +stj.financeiro.acao.administration-route,stj,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-ff8677bd402f7ba374c88189,maturity_below_8 +stj.financeiro.auditoria.administration-route,stj,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-7a01348301df92a66c028cda,maturity_below_8 +stj.financeiro.consulta.administration-route,stj,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-d0929af76b9cace0275146be,maturity_below_8 +stj.financeiro.diagnostico.administration-route,stj,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-860d4b0c075982ddbe8c7f31,maturity_below_8 +stj.financeiro.explicacao.administration-route,stj,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-18cdbb5f40e56a2048258a7d,maturity_below_8 +stj.gestor_operacional.acao.administration-route,stj,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-2dfa8bab03a8922a4c75750f,maturity_below_8 +stj.gestor_operacional.auditoria.administration-route,stj,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-6db9b634827319486e4b2540,maturity_below_8 +stj.gestor_operacional.consulta.administration-route,stj,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-6b3d7b5db9a7a13ebc146185,maturity_below_8 +stj.gestor_operacional.diagnostico.administration-route,stj,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-ca70a23586930e81e8f3a3fb,maturity_below_8 +stj.gestor_operacional.explicacao.administration-route,stj,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-85fd3f077cdeea901083b945,maturity_below_8 +stj.juridico.acao.administration-route,stj,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-f5a75f04deb147138f6dc67e,maturity_below_8 +stj.juridico.auditoria.administration-route,stj,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-aa496f411fda525e152fc4c0,maturity_below_8 +stj.juridico.consulta.administration-route,stj,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-8d35b07ebb898a699954a6e8,maturity_below_8 +stj.juridico.diagnostico.administration-route,stj,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-79f64e5e3d4dbf29e771b294,maturity_below_8 +stj.juridico.explicacao.administration-route,stj,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-b04b77fce731f92088625cb2,maturity_below_8 +stj.planejamento_estrategico.acao.administration-route,stj,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-9200c612412130ec480c3d42,maturity_below_8 +stj.planejamento_estrategico.auditoria.administration-route,stj,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-6b5cf0ef7c6db89cf102209c,maturity_below_8 +stj.planejamento_estrategico.consulta.administration-route,stj,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-53a05f50b30b97596a39d06e,maturity_below_8 +stj.planejamento_estrategico.diagnostico.administration-route,stj,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-f5548c0f6384242ea4db6f11,maturity_below_8 +stj.planejamento_estrategico.explicacao.administration-route,stj,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-b36cbb7bfccbb44738388b97,maturity_below_8 +stj.secretaria.acao.administration-route,stj,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-d2f53926bed354c0838ac27c,maturity_below_8 +stj.secretaria.auditoria.administration-route,stj,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-d8f8006ff6f70544d66a6820,maturity_below_8 +stj.secretaria.consulta.administration-route,stj,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-28176dec003b02ff854ca194,maturity_below_8 +stj.secretaria.diagnostico.administration-route,stj,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-3c1e1125c8a16a7d04573526,maturity_below_8 +stj.secretaria.explicacao.administration-route,stj,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-bc1e47840cd352bf2ce3ffdc,maturity_below_8 +stj.suporte.acao.administration-route,stj,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-9eb7113327d4856d4f2496bf,maturity_below_8 +stj.suporte.auditoria.administration-route,stj,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-9ec7ad461ebb4a4cc3fae863,maturity_below_8 +stj.suporte.consulta.administration-route,stj,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-c1bd663e9348826e92ec3344,maturity_below_8 +stj.suporte.diagnostico.administration-route,stj,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-8d7362e543b8905cd16cbe38,maturity_below_8 +stj.suporte.explicacao.administration-route,stj,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-3e349eb510a0f59f533fd696,maturity_below_8 +stj.tecnico.acao.administration-route,stj,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-d6bea2cf279d0337c35f5d40,maturity_below_8 +stj.tecnico.auditoria.administration-route,stj,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-301f2d4ad7236df3fde1fa54,maturity_below_8 +stj.tecnico.consulta.administration-route,stj,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-2b12e9ebb344d2795d6a4832,maturity_below_8 +stj.tecnico.diagnostico.administration-route,stj,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-7ca964e198c04aa193ac1a6c,maturity_below_8 +stj.tecnico.explicacao.administration-route,stj,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-a7d5838e287c4942c30f3a8a,maturity_below_8 +stj.usuario_final.acao.administration-route,stj,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,partial,yes,yes,evidence-30043a4d69795de8d14b311e,maturity_below_8 +stj.usuario_final.auditoria.administration-route,stj,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,partial,yes,yes,evidence-15e1f4603bc3badc78d20810,maturity_below_8 +stj.usuario_final.consulta.administration-route,stj,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,partial,yes,yes,evidence-f04caf9756a62e39a382b150,maturity_below_8 +stj.usuario_final.diagnostico.administration-route,stj,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,partial,yes,yes,evidence-caecce7ff1779ac607198784,maturity_below_8 +stj.usuario_final.explicacao.administration-route,stj,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,partial,yes,yes,evidence-f6fa9feea864797c48fa953a,maturity_below_8 +ui.administrador_empresa.acao.administration-route,ui,administrador_empresa,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-acdd29b6dbc2bf21ec218165, +ui.administrador_empresa.auditoria.administration-route,ui,administrador_empresa,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-a210a59407ffe78ee7afec96, +ui.administrador_empresa.consulta.administration-route,ui,administrador_empresa,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-69ebc5c0fdde786509642367, +ui.administrador_empresa.diagnostico.administration-route,ui,administrador_empresa,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-d5b84a8f12f97b9f44f65195, +ui.administrador_empresa.explicacao.administration-route,ui,administrador_empresa,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-1d7b3e228c181a4b4258ed4a, +ui.atendimento_cliente.acao.administration-route,ui,atendimento_cliente,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-2922ec5ef3d693ac90e6bf24, +ui.atendimento_cliente.auditoria.administration-route,ui,atendimento_cliente,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-d4ecdf56af2c2ce5f434d0d3, +ui.atendimento_cliente.consulta.administration-route,ui,atendimento_cliente,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4c116aabf7abb9368dfa3144, +ui.atendimento_cliente.diagnostico.administration-route,ui,atendimento_cliente,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-c5de490727201f52d253f875, +ui.atendimento_cliente.explicacao.administration-route,ui,atendimento_cliente,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-32316a1899fb597300b35b93, +ui.ceo.acao.administration-route,ui,ceo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-543f874573af334d27d2f880, +ui.ceo.auditoria.administration-route,ui,ceo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-141de56469a5f2c7bfd2ca4a, +ui.ceo.consulta.administration-route,ui,ceo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-b64e3df6cdfa9a2fc1d3673e, +ui.ceo.diagnostico.administration-route,ui,ceo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-0377ad8216ef33b4f9fe7fd4, +ui.ceo.explicacao.administration-route,ui,ceo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-78a213be246b36c5c0159f7d, +ui.cliente_externo.acao.administration-route,ui,cliente_externo,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-632c60276b35d32f75222984, +ui.cliente_externo.auditoria.administration-route,ui,cliente_externo,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-aa9e0a295646bb65c8f6ac29, +ui.cliente_externo.consulta.administration-route,ui,cliente_externo,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-c8094bb84b276fb3f281bc61, +ui.cliente_externo.diagnostico.administration-route,ui,cliente_externo,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-901df1c41a7007e6748f05ee, +ui.cliente_externo.explicacao.administration-route,ui,cliente_externo,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-d0dc75609ed1f5e71e89d20b, +ui.contador.acao.administration-route,ui,contador,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-7b2c4575cb7a81cb5dd41c5b, +ui.contador.auditoria.administration-route,ui,contador,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-34d38a3765c51b0d43bfd25a, +ui.contador.consulta.administration-route,ui,contador,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-ec45905b9434b0df89f685b8, +ui.contador.diagnostico.administration-route,ui,contador,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-55c938a85db15750833ccb4c, +ui.contador.explicacao.administration-route,ui,contador,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-d1f32ecc684abb23b65c7fe2, +ui.financeiro.acao.administration-route,ui,financeiro,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-18c94b5f29de327e629c21ce, +ui.financeiro.auditoria.administration-route,ui,financeiro,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-8e4052839a650c99fcc2187e, +ui.financeiro.consulta.administration-route,ui,financeiro,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-be83c5c80dbb2c026792cf1a, +ui.financeiro.diagnostico.administration-route,ui,financeiro,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-56cbc34e03b46b259dd0de39, +ui.financeiro.explicacao.administration-route,ui,financeiro,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-aa312b7fdb4f61a721109348, +ui.gestor_operacional.acao.administration-route,ui,gestor_operacional,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-cc84c3fb5335f4070d2fa10e, +ui.gestor_operacional.auditoria.administration-route,ui,gestor_operacional,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-74683ce1c0cbdaed0b805006, +ui.gestor_operacional.consulta.administration-route,ui,gestor_operacional,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-7d29aab1b3777cc9c577b2c5, +ui.gestor_operacional.diagnostico.administration-route,ui,gestor_operacional,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-340b6a63f57c2277eba5e047, +ui.gestor_operacional.explicacao.administration-route,ui,gestor_operacional,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-74240ed62a3ca8782502f932, +ui.juridico.acao.administration-route,ui,juridico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-8129871ba4ef409f63e9b9fb, +ui.juridico.auditoria.administration-route,ui,juridico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-3e64a93015984ab6d7b65707, +ui.juridico.consulta.administration-route,ui,juridico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-5e4b967cef24189521a99479, +ui.juridico.diagnostico.administration-route,ui,juridico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ed46059201484eec2b66af89, +ui.juridico.explicacao.administration-route,ui,juridico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-73bbd570c956b75a7329622c, +ui.planejamento_estrategico.acao.administration-route,ui,planejamento_estrategico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-814dd6fdba41f6aba98ff723, +ui.planejamento_estrategico.auditoria.administration-route,ui,planejamento_estrategico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-0647ffc4add4c70a99857095, +ui.planejamento_estrategico.consulta.administration-route,ui,planejamento_estrategico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-6ea3b3649b195a309ad4795d, +ui.planejamento_estrategico.diagnostico.administration-route,ui,planejamento_estrategico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-8f7c3d093932b44b804b445e, +ui.planejamento_estrategico.explicacao.administration-route,ui,planejamento_estrategico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-63f0909bc0360afca0d89749, +ui.secretaria.acao.administration-route,ui,secretaria,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-2abcc008916770d352204eac, +ui.secretaria.auditoria.administration-route,ui,secretaria,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-b6cb709468d0817ba96deeef, +ui.secretaria.consulta.administration-route,ui,secretaria,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-96a3587a6ca73476a86db1d2, +ui.secretaria.diagnostico.administration-route,ui,secretaria,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-3a3cda0857ff19864a36f8cf, +ui.secretaria.explicacao.administration-route,ui,secretaria,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8899a0db1d0e4d5e7e791716, +ui.suporte.acao.administration-route,ui,suporte,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e34a5a50f2ebe419171cb8ba, +ui.suporte.auditoria.administration-route,ui,suporte,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-93b6912f4f24a92f7eb4d27d, +ui.suporte.consulta.administration-route,ui,suporte,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-2ed376cb48c0c125748bda52, +ui.suporte.diagnostico.administration-route,ui,suporte,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-a4e9d55924e9e3df4286a819, +ui.suporte.explicacao.administration-route,ui,suporte,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-7c4b39205065ae95d4f163dc, +ui.tecnico.acao.administration-route,ui,tecnico,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e600134592c2f32face15f51, +ui.tecnico.auditoria.administration-route,ui,tecnico,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-4068982ece0170e33eeecdb3, +ui.tecnico.consulta.administration-route,ui,tecnico,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-4e811ecc28f7cb09c49ea6a0, +ui.tecnico.diagnostico.administration-route,ui,tecnico,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-1cc0f10c9393591218626cc6, +ui.tecnico.explicacao.administration-route,ui,tecnico,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-59939bb42b0dafc7b098f742, +ui.usuario_final.acao.administration-route,ui,usuario_final,acao,mais_humana.admin.acao,mcp.admin.action.request,yes,ready,yes,yes,evidence-e03cf4676a6287cbbadcc159, +ui.usuario_final.auditoria.administration-route,ui,usuario_final,auditoria,mais_humana.admin.auditoria,mcp.admin.audit,yes,ready,yes,yes,evidence-8e5a532f1d450e52f2a59360, +ui.usuario_final.consulta.administration-route,ui,usuario_final,consulta,mais_humana.admin.consulta,mcp.admin.readonly,yes,ready,yes,yes,evidence-87defa2280db2d47d40728a1, +ui.usuario_final.diagnostico.administration-route,ui,usuario_final,diagnostico,mais_humana.admin.diagnostico,mcp.admin.diagnostic,yes,ready,yes,yes,evidence-ef8a5214b6a30fae2dd219eb, +ui.usuario_final.explicacao.administration-route,ui,usuario_final,explicacao,mais_humana.admin.explicacao,mcp.admin.explain,yes,ready,yes,yes,evidence-8b25f4dc32339b235d9c5c80, diff --git a/matrizes/mcp-publication-gate-decisions.csv b/matrizes/mcp-publication-gate-decisions.csv index 5dbd20d..02a6d95 100644 --- a/matrizes/mcp-publication-gate-decisions.csv +++ b/matrizes/mcp-publication-gate-decisions.csv @@ -1,7 +1,7 @@ order_id,status,reason,next_action,evidence_refs 0031_EXECUTIVA__publicar-provider-mais-humana-no-mcps-gateway-via-wrangler-homologado,partial,codigo local do provider existe; publicacao live depende de runner Wrangler sem spawn EPERM,homologar runner Node/esbuild/workerd e repetir wrangler deploy --dry-run antes do deploy real,6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff; wrangler_runner 0032_EXECUTIVA__validar-live-tools-mais-humana-v1-execute-com-evidencia,passed,endpoint live foi sondado sem persistir bearer bruto,retestar as tres tools apos deploy do mcps-gateway contendo o provider Mais Humana,evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0 -0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais,blocked,fetch/push remoto falhou por SEC_E_NO_CREDENTIALS; repo real local 0/0 antes das mudancas; central divergente 5/10,corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo,git_sync_status +0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais,blocked,fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura,corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo,git_sync_status 0034_EXECUTIVA__corrigir-acl-escrita-central-e-sql-semantico-plataforma-15,partial,artefatos centrais foram testados pelo gerador de gate; falhas ficam registradas no projeto real,manter escrita automatica central e SQL semantico sob teste em toda rodada,central_write_status 0035_EXECUTIVA__reconciliar-nome-canonico-real-alias-platform,blocked,politica de alias foi materializada sem renome destrutivo,"aguardar decisao institucional antes de renomear remote, pasta central, ownerPlatformId ou referencias historicas",alias_policy 0043_GERENCIAL__aprovar-janela-publicacao-provider-mais-humana-com-rollback,partial,"janela pode ser planejada, mas deploy real ainda depende do runner homologado","definir owner, janela, version atual, rollback e criterio de sucesso antes de deploy real",wrangler_runner; 6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff diff --git a/matrizes/targeted-sync-audit.csv b/matrizes/targeted-sync-audit.csv index fc7555d..573ec8e 100644 --- a/matrizes/targeted-sync-audit.csv +++ b/matrizes/targeted-sync-audit.csv @@ -1,4 +1,4 @@ target_id,path,branch,head,ahead,behind,dirty,status,origin,fetch_exit,decision,blockers -mais-humana,G:\_codex-git\tudo-para-ia-mais-humana,main,6b0442f1d01f,0,0,yes,acl_blocked,https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked -mcps-internos,G:\_codex-git\tudo-para-ia-mcps-internos-plataform,main,372018a349e8,0,0,no,acl_blocked,https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked -nucleo-central,G:\_codex-git\nucleo-gestao-operacional,main,983cd12f103b,11,5,yes,acl_blocked,https://git.ami.app.br/admin/nucleo-gestao-operacional.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked +mais-humana,G:\_codex-git\tudo-para-ia-mais-humana,main,4a168272e6a3,0,0,yes,acl_blocked,https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked +mcps-internos,G:\_codex-git\tudo-para-ia-mcps-internos-plataform,main,372018a349e8,0,0,yes,acl_blocked,https://git.ami.app.br/admin/tudo-para-ia-mcps-internos-plataform.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked +nucleo-central,G:\_codex-git\nucleo-gestao-operacional,main,c4f03f2006a3,11,5,yes,acl_blocked,https://git.ami.app.br/admin/nucleo-gestao-operacional.git,255,corrigir ACL/locks de .git antes de qualquer merge/push,git_acl_or_lock_blocked diff --git a/matrizes/workspace-hygiene-targets.csv b/matrizes/workspace-hygiene-targets.csv index daf4455..a723e10 100644 --- a/matrizes/workspace-hygiene-targets.csv +++ b/matrizes/workspace-hygiene-targets.csv @@ -1,3 +1,3 @@ target_id,path,action,status,applied,deleted,exists_after,children_before,bytes_before,error,note -python-test-temp,G:\_codex-git\tudo-para-ia-mais-humana\.test-tmp,delete_directory,blocked,yes,no,yes,1309,59624382,PermissionError: [WinError 5] Acesso negado: 'G:\\_codex-git\\tudo-para-ia-mais-humana\\.test-tmp\\tmpnk6r4sdb',artifact retained by ACL or filesystem lock +python-test-temp,G:\_codex-git\tudo-para-ia-mais-humana\.test-tmp,delete_directory,blocked,yes,no,yes,363,1275036,PermissionError: [WinError 5] Acesso negado: 'G:\\_codex-git\\tudo-para-ia-mais-humana\\.test-tmp\\tmpnk6r4sdb',artifact retained by ACL or filesystem lock node-dependencies,G:\_codex-git\tudo-para-ia-mais-humana\node_modules,verify_absent,not_found,no,no,no,0,0,,target already absent diff --git a/src/mais_humana/central_materialization.py b/src/mais_humana/central_materialization.py new file mode 100644 index 0000000..a5521d7 --- /dev/null +++ b/src/mais_humana/central_materialization.py @@ -0,0 +1,862 @@ +"""Central dossier materialization for service-order closeout. + +Earlier rounds may update ``current/active-order-queue.md`` faster than the +central can write the matching order files, especially when ACLs or SQLite locks +interrupt the closeout. This module makes that gap explicit and repairable: +it materializes the active orders mentioned by the queue, creates the next +continuity orders, writes a compact closeout report, and updates the semantic +SQLite when the filesystem allows it. +""" + +from __future__ import annotations + +import json +import sqlite3 +from dataclasses import dataclass +from enum import Enum +from pathlib import Path +from typing import Any, Mapping, Sequence + +from .models import GeneratedFile, OrderStatus, OrderType, ServiceOrder, as_plain_data, merge_unique, utc_now +from .orders import order_markdown +from .storage import connect, upsert_files, upsert_orders + + +PROJECT_ID = "tudo-para-ia-mais-humana" +REAL_REPO = "tudo-para-ia-mais-humana" +CENTRAL_FOLDER_NAME = "15_repo_tudo-para-ia-mais-humana-platform" + + +class MaterializationStatus(str, Enum): + """Result for one central materialization action.""" + + CREATED = "created" + UPDATED = "updated" + EXISTS = "exists" + FAILED = "failed" + SKIPPED = "skipped" + + +class OrderLifecycleRole(str, Enum): + """Role of one order in this repair pass.""" + + ACTIVE_INPUT = "active_input" + NEXT_OUTPUT = "next_output" + + +@dataclass(frozen=True, slots=True) +class MaterializedOrderSpec: + """Declarative service-order spec used to materialize central files.""" + + order_id: str + order_type: OrderType + title: str + purpose: str + object_scope: str + reason: str + expected_result: str + affected_paths: tuple[str, ...] + validations: tuple[str, ...] + ready_criteria: tuple[str, ...] + role: OrderLifecycleRole + status: OrderStatus = OrderStatus.PLANNED + priority: str = "alta" + + @property + def subfolder(self) -> str: + return "executivas" if self.order_type == OrderType.EXECUTIVE else "gerenciais" + + @property + def filename(self) -> str: + return f"{self.order_id}.md" + + def to_order(self) -> ServiceOrder: + return ServiceOrder( + order_id=self.order_id, + order_type=self.order_type, + project_id=PROJECT_ID, + title=self.title, + purpose=self.purpose, + object_scope=self.object_scope, + reason=self.reason, + expected_result=self.expected_result, + affected_paths=self.affected_paths, + validations=self.validations, + ready_criteria=self.ready_criteria, + status=self.status, + priority=self.priority, + ) + + def to_dict(self) -> dict[str, Any]: + return as_plain_data(self) + + +@dataclass(frozen=True, slots=True) +class MaterializedOrderAction: + """Result of writing one service-order file.""" + + order_id: str + role: OrderLifecycleRole + path: str + status: MaterializationStatus + error: str = "" + + def to_dict(self) -> dict[str, Any]: + return as_plain_data(self) + + +@dataclass(frozen=True, slots=True) +class SemanticWriteResult: + """Result of updating central semantic SQLite.""" + + sqlite_path: str + attempted: bool + ok: bool + files_count: int + orders_count: int + error: str = "" + + def to_dict(self) -> dict[str, Any]: + return as_plain_data(self) + + +@dataclass(frozen=True, slots=True) +class CentralMaterializationReport: + """Full materialization report for the central platform folder.""" + + report_id: str + generated_at: str + project_id: str + central_platform_folder: str + project_root: str + active_input_orders: tuple[MaterializedOrderSpec, ...] + next_output_orders: tuple[MaterializedOrderSpec, ...] + actions: tuple[MaterializedOrderAction, ...] + semantic_write: SemanticWriteResult + summary: tuple[str, ...] + blockers: tuple[str, ...] + generated_files: tuple[str, ...] = () + + @property + def status(self) -> MaterializationStatus: + if any(action.status == MaterializationStatus.FAILED for action in self.actions) or not self.semantic_write.ok: + return MaterializationStatus.FAILED + if any(action.status == MaterializationStatus.CREATED for action in self.actions): + return MaterializationStatus.CREATED + return MaterializationStatus.EXISTS + + def to_dict(self) -> dict[str, Any]: + data = as_plain_data(self) + data["status"] = self.status.value + return data + + +def _exec( + order_id: str, + title: str, + purpose: str, + reason: str, + expected: str, + affected: Sequence[str], + validations: Sequence[str], + ready: Sequence[str], + *, + role: OrderLifecycleRole, + status: OrderStatus = OrderStatus.PLANNED, +) -> MaterializedOrderSpec: + return MaterializedOrderSpec( + order_id=order_id, + order_type=OrderType.EXECUTIVE, + title=title, + purpose=purpose, + object_scope="Projeto real Mais Humana, MCPs Internos, pasta central da plataforma 15 e artefatos de evidencia MCP.", + reason=reason, + expected_result=expected, + affected_paths=tuple(affected), + validations=tuple(validations), + ready_criteria=tuple(ready), + role=role, + status=status, + ) + + +def _mgr( + order_id: str, + title: str, + purpose: str, + reason: str, + expected: str, + affected: Sequence[str], + validations: Sequence[str], + ready: Sequence[str], + *, + role: OrderLifecycleRole, + status: OrderStatus = OrderStatus.PLANNED, +) -> MaterializedOrderSpec: + return MaterializedOrderSpec( + order_id=order_id, + order_type=OrderType.MANAGERIAL, + title=title, + purpose=purpose, + object_scope="Dossie gerencial da plataforma 15, politicas MCP-only, sincronizacao, nome canonico, Docs e runner operacional.", + reason=reason, + expected_result=expected, + affected_paths=tuple(affected), + validations=tuple(validations), + ready_criteria=tuple(ready), + role=role, + status=status, + ) + + +def active_input_order_specs() -> tuple[MaterializedOrderSpec, ...]: + """Return the active orders that the queue references but may not hold.""" + + return ( + _exec( + "0037_EXECUTIVA__homologar-rotas-administrativas-mcp-no-gateway", + "Homologar rotas administrativas MCP no gateway", + "Validar que consulta, diagnostico, acao, auditoria e explicacao interplataforma estejam descritas e auditaveis pelo MCP.", + "A fila ativa citou a homologacao das rotas administrativas, mas os arquivos de ordem nao estavam materializados.", + "Catalogo de aceitacao MCP-only gerado, indexado e registrado com source hashes, traceId/auditId e evidencias.", + ( + "src/mais_humana/mcp_admin_route_acceptance.py", + "src/mais_humana/generated_mcp_admin_route_acceptance.py", + "dados/mcp-admin-route-acceptance.json", + ), + ( + "python tools/generate_mcp_admin_route_acceptance.py", + "python -m mais_humana.cli mcp-admin-route-acceptance", + "python -m unittest tests.test_mcp_admin_route_acceptance", + ), + ( + "rotas administrativas materializadas em catalogo Python", + "artefatos JSON/CSV/Markdown gerados", + "relacao MCP-only documentada na central", + ), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.PARTIAL, + ), + _exec( + "0038_EXECUTIVA__corrigir-acl-index-lock-e-commitar-artefatos-mcp", + "Corrigir ACL index.lock e commitar artefatos MCP", + "Permitir commit e push dos artefatos MCP sem reset, restore ou sobrescrita de alteracao valida.", + "Fetch/push continuam bloqueados por Schannel e locks/ACL de Git em espelhos Windows.", + "Credenciais e ACL corrigidas por operador autorizado; commit e push escopados executados depois de status limpo.", + (".git/index.lock", ".git/FETCH_HEAD", "dados/targeted-sync-audit.json"), + ("git status --short --branch", "git fetch --all --prune", "git push origin main"), + ("credencial Git valida", "locks removidos por owner autorizado", "push confirmado por hash remoto"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.BLOCKED, + ), + _exec( + "0039_EXECUTIVA__reexecutar-wrangler-em-runner-homologado-e-registrar-deploy", + "Reexecutar Wrangler em runner homologado e registrar deploy", + "Separar deploy Cloudflare real do plugin e confirmar publicacao por evidencia operacional.", + "A ordem roteadora informa que deploy esta sendo feito manualmente pelo usuario; este executor deve apenas conferir live.", + "Runner oficial ou deploy manual registrado com deployment id, smoke live e rollback conhecido.", + ("dados/mcp-publication-gate-mais-humana.json", "ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md"), + ("validar endpoint /v1/execute", "registrar deployment observado", "nao usar plugin como diagnostico operacional"), + ("deploy confirmado por wrangler ou evidencia manual", "smoke live ok", "rollback documentado"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.PARTIAL, + ), + _exec( + "0040_EXECUTIVA__materializar-escrita-central-e-sql-semantico-sem-permissionerror", + "Materializar escrita central e SQL semantico sem PermissionError", + "Garantir que a central receba ordens, indices, reports e funcao semantica dos arquivos quando houver permissao.", + "Ordens ativas estavam citadas nos indices, mas nao existiam como arquivos fisicos.", + "Ordens ativas e de saida materializadas; SQLite central atualizado ou falha objetiva registrada.", + ( + "orders/executivas", + "orders/gerenciais", + "controle-semantico.sqlite", + "reports/EXECUTADO__rodada-015-central-materialization-2026-05-02.md", + ), + ("verificar existencia dos arquivos de ordem", "consultar sql-counts", "git status final"), + ("ordens fisicas existem", "SQL semantico atualizado ou pendencia real registrada", "indices/current/status reconciliados"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.PARTIAL, + ), + _exec( + "0041_EXECUTIVA__resolver-test-tmp-bloqueado-por-acl", + "Resolver test-tmp bloqueado por ACL", + "Remover ou formalizar diretorios temporarios que o executor comum nao consegue apagar.", + "A higiene anterior reduziu .test-tmp, mas dois diretorios continuaram retidos por WinError 5.", + "Artefato temporario removido por owner autorizado ou registrado como bloqueio ACL externo com evidencia.", + (".test-tmp", "dados/workspace-hygiene-report.json", "ecossistema/WORKSPACE-HYGIENE-REPORT.md"), + ("python -m mais_humana.cli workspace-hygiene --apply", "verificar ausencia de node_modules", "git status"), + ("node_modules ausente", ".test-tmp ausente ou blocker ACL explicito", "relatorio de higiene atualizado"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.PARTIAL, + ), + ) + + +def active_managerial_order_specs() -> tuple[MaterializedOrderSpec, ...]: + """Return managerial active orders that must exist physically.""" + + return ( + _mgr( + "0049_GERENCIAL__homologar-mcp-only-administration-routes-como-politica-de-ecossistema", + "Homologar MCP-only administration routes como politica de ecossistema", + "Transformar a regra MCP-only em politica de governanca para todas as plataformas.", + "O roteador determinou que toda comunicacao e administracao interplataforma passe pelos MCPs Internos.", + "Politica MCP-only formalizada com rastreabilidade, gates e criterios de excecao.", + ("ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md", "indexes/orders-index.md"), + ("avaliar contratos MCP-only", "confirmar traceId/auditId", "registrar excecoes"), + ("politica formal registrada", "rotas e operacoes mapeadas", "bloqueios externos separados"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.PARTIAL, + ), + _mgr( + "0050_GERENCIAL__decidir-politica-de-sync-automatico-e-credencial-gitea", + "Decidir politica de sync automatico e credencial Gitea", + "Definir quem corrige credenciais/ACL e como a sincronizacao automatica preserva alteracao valida mais recente.", + "A sincronizacao permanente falhou por SEC_E_NO_CREDENTIALS e Permission denied em FETCH_HEAD.", + "Decisao institucional sobre credencial, servico automatico, bloqueio destrutivo e evidencias de sync.", + ("dados/repository-mesh-readiness.json", "dados/targeted-sync-audit.json"), + ("comparar hashes", "registrar ahead/behind", "bloquear reset/rebase automatico"), + ("credencial operacional definida", "politica anti-reversao aprovada", "logs de sync verificaveis"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.BLOCKED, + ), + _mgr( + "0051_GERENCIAL__aprovar-runner-oficial-wrangler-sem-spawn-eperm", + "Aprovar runner oficial Wrangler sem spawn EPERM", + "Separar runner de deploy homologado da sandbox de edicao local.", + "O runner local historicamente bloqueia node/esbuild/workerd com spawn EPERM.", + "Runner oficial aprovado com responsabilidade, credencial, dry-run e registro de deploy.", + ("dados/mcp-publication-gate-mais-humana.json", "ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md"), + ("wrangler whoami", "wrangler deploy --dry-run", "wrangler deployments list"), + ("runner homologado", "deploy dry-run ok", "evidencia de versionamento Cloudflare"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.BLOCKED, + ), + _mgr( + "0052_GERENCIAL__formalizar-nome-canonico-mais-humana-platform-e-aliases", + "Formalizar nome canonico Mais Humana platform e aliases", + "Decidir a relacao entre repo real sem sufixo, alias administrativo -platform e alias historico -plataform.", + "O projeto real local e remoto encontrado e tudo-para-ia-mais-humana, enquanto a pasta central usa -platform.", + "Nome canonico, aliases, politica de migracao e janela segura documentados sem duplicar repositorio.", + ("README.md", "dados/mcp-publication-gate-mais-humana.json"), + ("verificar remote", "verificar ownerPlatformId", "verificar referencias centrais"), + ("decisao institucional registrada", "aliases preservados ou migrados", "sem repositorio duplicado"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.BLOCKED, + ), + _mgr( + "0053_GERENCIAL__pactuar-docs-catalogonly-ou-response-ready-como-excecao-global", + "Pactuar Docs catalogOnly ou responseReady como excecao global", + "Resolver o blocker gerencial recorrente de Docs catalogOnly.", + "O plano gerencial identifica Docs catalogOnly como impedimento global ou excecao que precisa ser formalizada.", + "Docs promovido a responseReady minimo ou excecao catalogOnly deliberada registrada no comparador MCP.", + ("PLANO-GERENCIAL-DO-ECOSSISTEMA.md", "dados/mcp-contratos-humanos.json"), + ("validar estado Docs", "registrar excecao ou responseReady", "atualizar comparador MCP"), + ("decisao Docs aprovada", "blocker global eliminado ou formalizado", "ordem tecnica vinculada"), + role=OrderLifecycleRole.ACTIVE_INPUT, + status=OrderStatus.BLOCKED, + ), + ) + + +def next_output_order_specs() -> tuple[MaterializedOrderSpec, ...]: + """Return the next continuity orders created by this closeout.""" + + return ( + _exec( + "0042_EXECUTIVA__publicar-catalogo-aceitacao-admin-routes-no-mcps-gateway", + "Publicar catalogo de aceitacao admin routes no MCPs Gateway", + "Expor o catalogo gerado de rotas administrativas como capacidade descoberta pelo MCPs Internos.", + "A homologacao local existe; a publicacao live depende de alteracao/deploy no MCPs Gateway.", + "Gateway retorna o resumo de aceitacao das rotas via /v1/execute com evidenceId e hashes.", + ("tudo-para-ia-mcps-internos-plataform/deploy/mcps-gateway", "dados/mcp-admin-route-acceptance-compacto.json"), + ("testar /v1/execute", "confirmar ok=true", "validar sem segredo bruto"), + ("tool live responde", "MCP descobre catalogo", "evidencia registrada"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _exec( + "0043_EXECUTIVA__corrigir-credencial-gitea-e-sincronizar-espelhos-sem-reversao", + "Corrigir credencial Gitea e sincronizar espelhos sem reversao", + "Desbloquear fetch/push e comparar hashes dos espelhos com politica anti-reversao.", + "Schannel/credencial e FETCH_HEAD bloqueiam sincronizacao segura.", + "Repositorios principais sincronizados ou excecoes por divergencia preservadas com prova.", + ("dados/repository-mesh-inventory.json", "dados/targeted-sync-audit.json"), + ("git fetch --all --prune", "git status --short --branch", "git ls-remote"), + ("credencial funcional", "hashes comparados", "nenhum reset destrutivo"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _exec( + "0044_EXECUTIVA__registrar-deploy-manual-cloudflare-e-smoke-live-mais-humana", + "Registrar deploy manual Cloudflare e smoke live Mais Humana", + "Conciliar a orientacao de deploy manual do usuario com evidencia live repetivel.", + "O executor nao deve usar plugin como caminho operacional e o roteador informa deploy manual.", + "Deployment manual registrado por hash/versao e smoke /v1/execute atualizado.", + ("dados/mcp-publication-gate-mais-humana.json", "dados/mcp-execute-probe-mais-humana.json"), + ("executar smoke HTTP", "redigir bearer", "registrar deployment observado"), + ("liveReady true", "deployment id registrado", "sem segredo bruto"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _exec( + "0045_EXECUTIVA__destravar-sql-central-e-escrita-automatizada-da-plataforma-15", + "Destravar SQL central e escrita automatizada da plataforma 15", + "Garantir que scripts da Mais Humana consigam atualizar o dossie central sem fallback manual.", + "A central historicamente falha com PermissionError ou OperationalError em SQLite.", + "Escrita central e controle-semantico.sqlite atualizados pelo runtime sem erro.", + ("controle-semantico.sqlite", "reports", "indexes", "current", "status"), + ("python -m mais_humana.cli central-materialization", "python -m mais_humana.cli sql-counts"), + ("SQL central abre para escrita", "arquivos centrais gravados", "status final limpo"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _exec( + "0046_EXECUTIVA__remover-test-tmp-com-owner-autorizado-ou-excecao-acl", + "Remover test-tmp com owner autorizado ou excecao ACL", + "Fechar a higiene operacional que depende de permissao acima da sandbox.", + "Dois diretorios vazios de .test-tmp continuam inacessiveis por WinError 5.", + ".test-tmp removido pelo owner do filesystem ou excecao ACL documentada como pendencia externa.", + (".test-tmp", "dados/workspace-hygiene-report.json"), + ("python -m mais_humana.cli workspace-hygiene --apply", "verificar path", "registrar WinError 5 se persistir"), + ("sem node_modules", ".test-tmp ausente ou excecao formal", "report atualizado"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _mgr( + "0054_GERENCIAL__institucionalizar-catalogo-admin-routes-como-gate-de-release", + "Institucionalizar catalogo admin routes como gate de release", + "Fazer do catalogo de rotas administrativas um requisito para release interplataforma.", + "A regra MCP-only precisa sair do dossie da Mais Humana e virar gate de ecossistema.", + "Gate aprovado com owner, evidencia, criterios de excecao e rollback.", + ("ecossistema/MCP-ADMIN-ROUTE-ACCEPTANCE.md", "PLANO-GERENCIAL-DO-ECOSSISTEMA.md"), + ("avaliar cobertura por plataforma", "aprovar regra MCP-only", "registrar excecoes"), + ("gate formal aprovado", "bloqueios externos separados", "ordens por plataforma vinculadas"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _mgr( + "0055_GERENCIAL__governar-sync-automatico-com-precedencia-da-alteracao-valida", + "Governar sync automatico com precedencia da alteracao valida", + "Aprovar regra operacional anti-reversao para todos os espelhos.", + "A ordem permanente exige preservar a alteracao valida mais recente em toda a malha.", + "Politica de sync documentada com bloqueio destrutivo, evidencias e responsabilidades.", + ("dados/repository-mesh-reconciliation.json", "dados/repository-mesh-schedulers.json"), + ("testar scheduler", "comparar hashes", "registrar conflito de precedencia"), + ("politica aprovada", "logs auditaveis", "bloqueio de reset automatico"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _mgr( + "0056_GERENCIAL__separar-deploy-manual-e-runner-wrangler-oficial", + "Separar deploy manual e runner Wrangler oficial", + "Definir quando deploy manual e aceitavel e quando runner oficial e obrigatorio.", + "A rodada atual recebeu orientacao de deploy manual pelo usuario e historico de spawn EPERM.", + "Politica clara para deploy, dry-run, smoke, rollback e evidencia operacional Cloudflare.", + ("dados/mcp-publication-gate-mais-humana.json", "ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md"), + ("validar smoke live", "registrar deployment", "definir owner do runner"), + ("politica aprovada", "runner ou deploy manual distinguido", "sem uso operacional do plugin"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _mgr( + "0057_GERENCIAL__decidir-nome-canonico-platform-sem-duplicar-repositorio", + "Decidir nome canonico platform sem duplicar repositorio", + "Resolver a divergencia entre nome institucional desejado e repo materializado.", + "O roteador manda institucionalizar o novo nome, mas o repo real/remoto ainda e sem sufixo.", + "Decisao com matriz de impacto, aliases, migracao e rollback de Git/MCP/Docs/UI.", + ("README.md", "dados/mcp-publication-gate-mais-humana.json"), + ("inventariar referencias", "aprovar alias", "planejar janela de sync"), + ("nome canonico decidido", "alias registrado", "sem repo duplicado"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + _mgr( + "0058_GERENCIAL__fechar-decisao-docs-response-ready-ou-catalogonly-formal", + "Fechar decisao Docs responseReady ou catalogOnly formal", + "Eliminar o blocker Docs da maturidade global por decisao ou implementacao.", + "Docs aparece repetidamente como catalogOnly pendente no plano gerencial.", + "Docs com leitura canonica responseReady minima ou excecao formal que nao derruba readiness global.", + ("PLANO-GERENCIAL-DO-ECOSSISTEMA.md", "dados/mcp-contratos-humanos.json"), + ("validar comparador MCP", "registrar decisao", "gerar OS tecnica se necessario"), + ("blocker removido ou formalizado", "owner Docs definido", "proxima execucao clara"), + role=OrderLifecycleRole.NEXT_OUTPUT, + ), + ) + + +def all_order_specs() -> tuple[MaterializedOrderSpec, ...]: + return active_input_order_specs() + active_managerial_order_specs() + next_output_order_specs() + + +def _target_path(central_platform_folder: Path, spec: MaterializedOrderSpec) -> Path: + return central_platform_folder / "orders" / spec.subfolder / spec.filename + + +def _write_order(central_platform_folder: Path, spec: MaterializedOrderSpec, *, overwrite: bool = False) -> MaterializedOrderAction: + path = _target_path(central_platform_folder, spec) + if path.exists() and not overwrite: + return MaterializedOrderAction(spec.order_id, spec.role, str(path), MaterializationStatus.EXISTS) + try: + path.parent.mkdir(parents=True, exist_ok=True) + before = path.exists() + path.write_text(order_markdown(spec.to_order(), str(central_platform_folder), REAL_REPO), encoding="utf-8") + return MaterializedOrderAction( + spec.order_id, + spec.role, + str(path), + MaterializationStatus.UPDATED if before else MaterializationStatus.CREATED, + ) + except OSError as exc: + return MaterializedOrderAction( + spec.order_id, + spec.role, + str(path), + MaterializationStatus.FAILED, + f"{type(exc).__name__}: {exc}", + ) + + +def _report_markdown(report: CentralMaterializationReport) -> str: + lines = [ + "# EXECUTADO - Central Materialization", + "", + f"- report_id: `{report.report_id}`", + f"- generated_at: `{report.generated_at}`", + f"- status: `{report.status.value}`", + f"- project_id: `{report.project_id}`", + f"- project_root: `{report.project_root}`", + f"- central_platform_folder: `{report.central_platform_folder}`", + "", + "## Summary", + "", + ] + lines.extend(f"- {item}" for item in report.summary) + lines.extend(["", "## Active Input Orders", ""]) + for spec in report.active_input_orders: + lines.append(f"- `{spec.order_id}` | `{spec.order_type.value}` | `{spec.status.value}` | {spec.title}") + lines.extend(["", "## Next Output Orders", ""]) + for spec in report.next_output_orders: + lines.append(f"- `{spec.order_id}` | `{spec.order_type.value}` | `{spec.status.value}` | {spec.title}") + lines.extend(["", "## Write Actions", ""]) + for action in report.actions: + lines.append(f"- `{action.order_id}` | `{action.role.value}` | `{action.status.value}` | `{action.path}`") + if action.error: + lines.append(f" - error: `{action.error}`") + lines.extend(["", "## Semantic SQLite", ""]) + lines.append(f"- attempted: `{report.semantic_write.attempted}`") + lines.append(f"- ok: `{report.semantic_write.ok}`") + lines.append(f"- sqlite_path: `{report.semantic_write.sqlite_path}`") + lines.append(f"- files_count: `{report.semantic_write.files_count}`") + lines.append(f"- orders_count: `{report.semantic_write.orders_count}`") + if report.semantic_write.error: + lines.append(f"- error: `{report.semantic_write.error}`") + lines.extend(["", "## Blockers", ""]) + if report.blockers: + lines.extend(f"- `{item}`" for item in report.blockers) + else: + lines.append("- Nenhum blocker de materializacao central.") + return "\n".join(lines).strip() + "\n" + + +def _pending_markdown(report: CentralMaterializationReport) -> str: + lines = [ + "# PENDENCIAS-CODEX - Central Materialization", + "", + "## Pendencias reais", + "", + ] + if report.blockers: + lines.extend(f"- `{item}`" for item in report.blockers) + else: + lines.append("- Nenhuma pendencia de materializacao central detectada.") + lines.extend( + [ + "", + "## Observacoes", + "", + "- Falha do plugin Cloudflare nao foi tratada como blocker operacional.", + "- Operacoes Git destrutivas nao foram executadas.", + "- Deploy Cloudflare permanece vinculado a Wrangler/deploy manual conforme ordem roteadora.", + ] + ) + return "\n".join(lines).strip() + "\n" + + +def _audit_markdown(report: CentralMaterializationReport) -> str: + created = sum(1 for action in report.actions if action.status == MaterializationStatus.CREATED) + existing = sum(1 for action in report.actions if action.status == MaterializationStatus.EXISTS) + failed = sum(1 for action in report.actions if action.status == MaterializationStatus.FAILED) + lines = [ + "# AUDITORIA-GPT - Central Materialization", + "", + "## Confirmado", + "", + f"- Ordens avaliadas: `{len(report.actions)}`.", + f"- Ordens criadas: `{created}`.", + f"- Ordens ja existentes: `{existing}`.", + f"- Falhas de escrita: `{failed}`.", + f"- SQLite central atualizado: `{report.semantic_write.ok}`.", + "", + "## Parcial ou bloqueado", + "", + ] + if report.blockers: + lines.extend(f"- `{item}`" for item in report.blockers) + else: + lines.append("- Nenhum item parcial ou bloqueado na materializacao.") + lines.extend( + [ + "", + "## Leitura gerencial", + "", + "- A pasta central agora possui arquivos fisicos para as ordens citadas pela fila.", + "- As proximas ordens de saida se limitam a publicacao live, credenciais, runner, ACL, nome canonico e Docs.", + ] + ) + return "\n".join(lines).strip() + "\n" + + +def _active_queue_markdown(report: CentralMaterializationReport) -> str: + lines = [ + "# Fila ativa apos materializacao central - rodada 015", + "", + f"Atualizado em `{report.generated_at}`.", + "", + "## Ordens de entrada tratadas nesta rodada", + "", + ] + for spec in report.active_input_orders: + lines.append(f"- `{spec.order_id}` | `{spec.status.value}` | {spec.title}") + lines.extend(["", "## Ordens executivas de saida ativas", ""]) + for spec in report.next_output_orders: + if spec.order_type == OrderType.EXECUTIVE: + lines.append(f"- `{spec.order_id}`") + lines.extend(["", "## Ordens gerenciais de saida ativas", ""]) + for spec in report.next_output_orders: + if spec.order_type == OrderType.MANAGERIAL: + lines.append(f"- `{spec.order_id}`") + lines.extend( + [ + "", + "## Bloqueios preservados", + "", + ] + ) + if report.blockers: + lines.extend(f"- `{item}`" for item in report.blockers) + else: + lines.append("- Nenhum blocker novo na materializacao.") + return "\n".join(lines).strip() + "\n" + + +def _state_markdown(report: CentralMaterializationReport) -> str: + lines = [ + "# Estado atual reconciliado - tudo-para-ia-mais-humana", + "", + "## Atualizacao central materialization - 2026-05-02", + "", + f"- status: `{report.status.value}`", + f"- active_input_orders: `{len(report.active_input_orders)}`", + f"- next_output_orders: `{len(report.next_output_orders)}`", + f"- semantic_sql_ok: `{report.semantic_write.ok}`", + f"- project_root: `{report.project_root}`", + f"- central_platform_folder: `{report.central_platform_folder}`", + "", + "A rodada materializou ordens citadas pela fila, gerou o catalogo de aceitacao das rotas administrativas MCP-only e preservou como pendencias apenas credencial Git, runner/deploy, ACL local, decisao canonica e Docs.", + "", + "## Saida ativa efetiva", + "", + ] + for spec in report.next_output_orders: + lines.append(f"- `{spec.order_id}` | `{spec.order_type.value}` | {spec.title}") + lines.extend(["", "## Bloqueios reais", ""]) + if report.blockers: + lines.extend(f"- `{item}`" for item in report.blockers) + else: + lines.append("- Nenhum blocker novo.") + return "\n".join(lines).strip() + "\n" + + +def _orders_index_markdown(report: CentralMaterializationReport) -> str: + lines = [ + "# Indice de ordens - tudo-para-ia-mais-humana", + "", + "## Rodada 015 - materializacao central", + "", + "### Tratadas nesta rodada", + "", + ] + for spec in report.active_input_orders: + lines.append(f"- `{spec.order_id}` | `{spec.order_type.value}` | `{spec.status.value}`") + lines.extend(["", "### Saida ativa apos materializacao", ""]) + for spec in report.next_output_orders: + lines.append(f"- `{spec.order_id}` | `{spec.order_type.value}` | `{spec.status.value}`") + return "\n".join(lines).strip() + "\n" + + +def _generated_records(report: CentralMaterializationReport, central_platform_folder: Path) -> tuple[GeneratedFile, ...]: + relation = "0040_EXECUTIVA__materializar-escrita-central-e-sql-semantico-sem-permissionerror" + paths = ( + ("reports/EXECUTADO__rodada-015-central-materialization-2026-05-02.md", "Relatorio de materializacao central.", "central materialization executed report", "markdown"), + ("reports/PENDENCIAS-CODEX__rodada-015-central-materialization-2026-05-02.md", "Pendencias da materializacao central.", "central materialization pending report", "markdown"), + ("audit/AUDITORIA-GPT__rodada-015-central-materialization-2026-05-02.md", "Auditoria da materializacao central.", "central materialization audit", "markdown"), + ("indexes/INDEX__RODADA015__20260502T0900Z.md", "Indice da materializacao central.", "central materialization index", "markdown"), + ("indexes/orders-index.md", "Indice reconciliado de ordens.", "orders index", "markdown"), + ("indexes/ordens-gerenciais-index.md", "Indice reconciliado de ordens gerenciais.", "managerial orders index", "markdown"), + ("current/active-order-queue.md", "Fila ativa reconciliada.", "active order queue", "markdown"), + ("current/current-project-state.md", "Estado atual reconciliado.", "current project state", "markdown"), + ("status/overview.md", "Overview reconciliado.", "status overview", "markdown"), + ("dados/central-materialization-report.json", "Relatorio estruturado de materializacao central.", "central materialization json", "json"), + ) + records = [ + GeneratedFile( + path=str(central_platform_folder / relative), + description=description, + function=function, + file_type=file_type, + changed_by="mais_humana.central_materialization", + change_summary="Criado ou atualizado fechamento de materializacao central da rodada 015.", + relation_to_order=relation, + ) + for relative, description, function, file_type in paths + ] + for action in report.actions: + records.append( + GeneratedFile( + path=action.path, + description="Arquivo de ordem de servico materializado a partir da fila ativa.", + function="service order file", + file_type="markdown", + changed_by="mais_humana.central_materialization", + change_summary=f"Materializada ordem {action.order_id} com status {action.status.value}.", + relation_to_order=action.order_id, + ) + ) + return tuple(records) + + +def _write_semantic( + sqlite_path: Path, + files: Sequence[GeneratedFile], + specs: Sequence[MaterializedOrderSpec], +) -> SemanticWriteResult: + try: + with connect(sqlite_path) as conn: + upsert_files(conn, files) + upsert_orders(conn, [spec.to_order() for spec in specs]) + conn.commit() + return SemanticWriteResult(str(sqlite_path), True, True, len(files), len(specs)) + except (OSError, sqlite3.DatabaseError) as exc: + return SemanticWriteResult(str(sqlite_path), True, False, len(files), len(specs), f"{type(exc).__name__}: {exc}") + + +def _write_artifact(path: Path, content: str) -> str: + path.parent.mkdir(parents=True, exist_ok=True) + path.write_text(content, encoding="utf-8") + return str(path) + + +def _try_write_artifact(path: Path, content: str) -> tuple[str, str]: + """Write an artifact and return ``(path, error)`` without aborting.""" + + try: + return _write_artifact(path, content), "" + except OSError as exc: + return str(path), f"{type(exc).__name__}: {exc}" + + +def run_central_materialization( + *, + project_root: Path, + central_platform_folder: Path, + overwrite: bool = False, +) -> CentralMaterializationReport: + """Materialize missing central orders, reports, indexes and SQL.""" + + active_specs = active_input_order_specs() + active_managerial_order_specs() + output_specs = next_output_order_specs() + specs = active_specs + output_specs + actions = tuple(_write_order(central_platform_folder, spec, overwrite=overwrite) for spec in specs) + blockers = merge_unique( + [f"{action.order_id}:{action.error}" for action in actions if action.status == MaterializationStatus.FAILED] + ) + placeholder_semantic = SemanticWriteResult(str(central_platform_folder / "controle-semantico.sqlite"), False, False, 0, 0) + report_id = "central-materialization-" + str(abs(hash(json.dumps([action.to_dict() for action in actions], sort_keys=True))))[:12] + summary = ( + f"Active input orders materialized: {len(active_specs)}.", + f"Next output orders materialized: {len(output_specs)}.", + f"Created files: {sum(1 for action in actions if action.status == MaterializationStatus.CREATED)}.", + f"Existing files: {sum(1 for action in actions if action.status == MaterializationStatus.EXISTS)}.", + f"Failed writes: {sum(1 for action in actions if action.status == MaterializationStatus.FAILED)}.", + ) + report = CentralMaterializationReport( + report_id=report_id, + generated_at=utc_now(), + project_id=PROJECT_ID, + central_platform_folder=str(central_platform_folder), + project_root=str(project_root), + active_input_orders=active_specs, + next_output_orders=output_specs, + actions=actions, + semantic_write=placeholder_semantic, + summary=summary, + blockers=blockers, + ) + records = _generated_records(report, central_platform_folder) + semantic = _write_semantic(central_platform_folder / "controle-semantico.sqlite", records, specs) + blockers = merge_unique((*blockers, *(("semantic_sql:" + semantic.error,) if semantic.error else ()))) + report = CentralMaterializationReport( + report_id=report.report_id, + generated_at=report.generated_at, + project_id=report.project_id, + central_platform_folder=report.central_platform_folder, + project_root=report.project_root, + active_input_orders=report.active_input_orders, + next_output_orders=report.next_output_orders, + actions=report.actions, + semantic_write=semantic, + summary=report.summary, + blockers=blockers, + ) + artifact_targets = ( + (central_platform_folder / "reports" / "EXECUTADO__rodada-015-central-materialization-2026-05-02.md", _report_markdown(report)), + (central_platform_folder / "reports" / "PENDENCIAS-CODEX__rodada-015-central-materialization-2026-05-02.md", _pending_markdown(report)), + (central_platform_folder / "audit" / "AUDITORIA-GPT__rodada-015-central-materialization-2026-05-02.md", _audit_markdown(report)), + (central_platform_folder / "indexes" / "INDEX__RODADA015__20260502T0900Z.md", _report_markdown(report)), + (central_platform_folder / "indexes" / "orders-index.md", _orders_index_markdown(report)), + (central_platform_folder / "indexes" / "ordens-gerenciais-index.md", _orders_index_markdown(report)), + (central_platform_folder / "current" / "active-order-queue.md", _active_queue_markdown(report)), + (central_platform_folder / "current" / "current-project-state.md", _state_markdown(report)), + (central_platform_folder / "status" / "overview.md", _state_markdown(report)), + (central_platform_folder / "dados" / "central-materialization-report.json", json.dumps(report.to_dict(), ensure_ascii=False, indent=2, sort_keys=True)), + ) + generated_files: list[str] = [] + artifact_errors: list[str] = [] + for path, content in artifact_targets: + written_path, error = _try_write_artifact(path, content) + if error: + artifact_errors.append(f"{written_path}:{error}") + continue + generated_files.append(written_path) + fallback_targets = ( + (project_root / "dados" / "central-materialization-report.json", json.dumps(report.to_dict(), ensure_ascii=False, indent=2, sort_keys=True)), + (project_root / "ecossistema" / "CENTRAL-MATERIALIZATION-REPORT.md", _report_markdown(report)), + ) + for path, content in fallback_targets: + written_path, error = _try_write_artifact(path, content) + if error: + artifact_errors.append(f"{written_path}:{error}") + continue + generated_files.append(written_path) + blockers = merge_unique((*report.blockers, *(f"central_artifact:{item}" for item in artifact_errors))) + report = CentralMaterializationReport( + report_id=report.report_id, + generated_at=report.generated_at, + project_id=report.project_id, + central_platform_folder=report.central_platform_folder, + project_root=report.project_root, + active_input_orders=report.active_input_orders, + next_output_orders=report.next_output_orders, + actions=report.actions, + semantic_write=report.semantic_write, + summary=report.summary, + blockers=blockers, + generated_files=tuple(generated_files), + ) + for path, _content in fallback_targets: + if path.exists(): + path.write_text(json.dumps(report.to_dict(), ensure_ascii=False, indent=2, sort_keys=True) if path.suffix == ".json" else _report_markdown(report), encoding="utf-8") + return report diff --git a/src/mais_humana/cli.py b/src/mais_humana/cli.py index f83b740..763b3be 100644 --- a/src/mais_humana/cli.py +++ b/src/mais_humana/cli.py @@ -8,6 +8,7 @@ from pathlib import Path from .models import as_plain_data from .central_consolidation import run_consolidated_report +from .central_materialization import run_central_materialization from .matrix import build_global_recommendations, build_matrix, build_platform_reports from .mcp_contract import build_mcp_contract_report, build_mcp_execute_probe, mcp_provider_compact_json, mcp_provider_payload from .mcp_contract import ( @@ -137,6 +138,13 @@ def build_parser() -> argparse.ArgumentParser: admin_acceptance.add_argument("--operation", default="") admin_acceptance.add_argument("--status", default="") admin_acceptance.add_argument("--limit", type=int, default=120) + central_materialization = sub.add_parser("central-materialization", help="Materialize central active/output orders and semantic records.") + central_materialization.add_argument("--project-root", default="G:/_codex-git/tudo-para-ia-mais-humana") + central_materialization.add_argument( + "--central-platform-folder", + default="G:/_codex-git/nucleo-gestao-operacional/central-de-ordem-de-servico/projects/15_repo_tudo-para-ia-mais-humana-platform", + ) + central_materialization.add_argument("--overwrite", action="store_true") return parser @@ -568,6 +576,16 @@ def command_mcp_admin_route_acceptance(args: argparse.Namespace) -> int: return 0 +def command_central_materialization(args: argparse.Namespace) -> int: + report = run_central_materialization( + project_root=Path(args.project_root), + central_platform_folder=Path(args.central_platform_folder), + overwrite=bool(args.overwrite), + ) + print(json.dumps(report.to_dict(), ensure_ascii=False, indent=2)) + return 0 + + def main(argv: list[str] | None = None) -> int: parser = build_parser() args = parser.parse_args(argv) @@ -609,6 +627,8 @@ def main(argv: list[str] | None = None) -> int: return command_targeted_sync_audit(args) if args.command == "mcp-admin-route-acceptance": return command_mcp_admin_route_acceptance(args) + if args.command == "central-materialization": + return command_central_materialization(args) parser.error(f"unknown command: {args.command}") return 2 diff --git a/src/mais_humana/generated_mcp_admin_route_acceptance.py b/src/mais_humana/generated_mcp_admin_route_acceptance.py new file mode 100644 index 0000000..8dd96dd --- /dev/null +++ b/src/mais_humana/generated_mcp_admin_route_acceptance.py @@ -0,0 +1,26403 @@ +"""Generated MCP administration route acceptance catalog. + +Do not edit by hand. Regenerate with: +python tools/generate_mcp_admin_route_acceptance.py +""" + +from __future__ import annotations + +SOURCE_HASH = 'f9844f598bfbfb968acea6465fc4b8f7a277b5b071003f3808d1581ce3112363' +CASES_COUNT = 910 + +ADMIN_ROUTE_ACCEPTANCE_CASES = ( + { + 'routeId': 'business.administrador_empresa.acao.administration-route', + 'platformId': 'business', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd082c395fdaf1f2b7f4477634fefea03d68c34daa50caffe9869d4f764ede499', + 'sourceRecordsHash': 'ad52ab3aec8c146ff3726b2d3906e7a5c070939751f6dc09bd22113e142f679b', + 'evidenceId': 'evidence-ad52ab3aec8c146ff3726b2d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'administrador_empresaNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.administrador_empresa.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f1d17c2b19d9d7bb48a99f9391cb7ac5b8acaa85685f52cb4942630f38f6d32b', + 'sourceRecordsHash': '10ecf5e6942e1370acc44c11aa79e655a5d324ea8e445a1a233fee9f676802e5', + 'evidenceId': 'evidence-10ecf5e6942e1370acc44c11', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'administrador_empresaNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.administrador_empresa.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '505b2b794fc430bbc76e80c11cb59f484d6c44f2f1331a74edaef872d15d4e38', + 'sourceRecordsHash': '587d659a4c282c7715078021a91d62105284097dade620bc969161477b89401b', + 'evidenceId': 'evidence-587d659a4c282c7715078021', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'administrador_empresaNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.administrador_empresa.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3e6d2ec5d40f72aa001a6da61d26cdb3db6112a01dd2d4a567c6abce7f56fbdd', + 'sourceRecordsHash': 'c7ded42ea265be003bb113b601771a1eb6f5fce906f2fe52923762812891a238', + 'evidenceId': 'evidence-c7ded42ea265be003bb113b6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'administrador_empresaNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.administrador_empresa.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '051170ee6954b9e724eaae7fef4cb0bb8ed88d39c33dbfacc384c58ea0ff1f9a', + 'sourceRecordsHash': '63d6d7de2ac68232ac3c862ce9684c9d5ef7e2441f4f4b16ff2404ca344fa0cd', + 'evidenceId': 'evidence-63d6d7de2ac68232ac3c862c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'administrador_empresaNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.atendimento_cliente.acao.administration-route', + 'platformId': 'business', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1299a53220e003a76a84268297f5a7228d02dce16a07ae3d39a77d0ffc89f1d6', + 'sourceRecordsHash': '7c7be84ac6782615dfeb38d9e02b86f0ad0deaf2363267c1194d21093dbed20f', + 'evidenceId': 'evidence-7c7be84ac6782615dfeb38d9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'atendimento_clienteNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.atendimento_cliente.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '57beddad77228c21b6036b410547ade91a1057e7e891838a95863368941bf50a', + 'sourceRecordsHash': '4e8c564a2d995bc53735548efabfe94d75a5b51ba45c1ea1e13a44858fe03bf3', + 'evidenceId': 'evidence-4e8c564a2d995bc53735548e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'atendimento_clienteNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.atendimento_cliente.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fc9ad6aadbd39a5aa8fb4444e49779f54202462e0d9b7c86e36edaf39383640d', + 'sourceRecordsHash': '7edecd401588f6ec8c809e03321d2da8922c5453f10737c591d1ab93b90ef7a8', + 'evidenceId': 'evidence-7edecd401588f6ec8c809e03', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'atendimento_clienteNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c6a4c1161a4ab3ddf0cdab419e336e869d4c3f598724e9fa6075c11563daee32', + 'sourceRecordsHash': '0d6b7f9fd95b804d2c99c89daf94687c8399c57f9da494fd711d39269d68c5a9', + 'evidenceId': 'evidence-0d6b7f9fd95b804d2c99c89d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.atendimento_cliente.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0bdee52d0d0fa434a2bd5c0cbd79521b962f3b1eaff978b92fa727107b6a108e', + 'sourceRecordsHash': '8efd2d3db8c8e36d1737e9314fec019577b0745cfb233c570d63e2858eb2e70f', + 'evidenceId': 'evidence-8efd2d3db8c8e36d1737e931', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'atendimento_clienteNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.ceo.acao.administration-route', + 'platformId': 'business', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bd976d4fd2ff57008416461108920c388cea94b1fad993e1176a20097d00d59c', + 'sourceRecordsHash': '8663f918eaf543ba853f6b17f0e5f53f7f0873de4cdc3d32a18f6734fd71aa11', + 'evidenceId': 'evidence-8663f918eaf543ba853f6b17', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'ceoNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.ceo.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a7868bfb78b8f713f91492f7a35e282ad970ac87fab3f974b30559fa7920826', + 'sourceRecordsHash': '8626f5e4b0fab4f7034f59d586be22c3cb631c08f361f9083eb72c423f7ba05f', + 'evidenceId': 'evidence-8626f5e4b0fab4f7034f59d5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'ceoNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.ceo.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e4076ddc0cd4f5445f4a832bdb9b77833fe512f036470298afa797fba9a0fb04', + 'sourceRecordsHash': 'a1b5c73faabc9adb8acba4f6a561d519eefe768a025223d7417f0a537819d53f', + 'evidenceId': 'evidence-a1b5c73faabc9adb8acba4f6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'ceoNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.ceo.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3801b57510c00a1fce40adfc5b8aba77782931a56baae50f84ff3e95dc28ef10', + 'sourceRecordsHash': '97bf7c4fef545240d91a0d6794c9ca8989fce742216f4e8daa7f2394ae451a6a', + 'evidenceId': 'evidence-97bf7c4fef545240d91a0d67', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'ceoNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.ceo.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '677e2c9b2e1073a561244cb1452b056cb0c27aef03fc92b54e7efc4033de969e', + 'sourceRecordsHash': '4910d766c7e8e6539ed20de3ccc4d8fb629d43766d5a8873ae5926ea9840e161', + 'evidenceId': 'evidence-4910d766c7e8e6539ed20de3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'ceoNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.cliente_externo.acao.administration-route', + 'platformId': 'business', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '58d8e5ba1a5694d277ef196e48bc5bee57278b98eba53ee04a5fe88034705039', + 'sourceRecordsHash': '99b8fc9b9bb54a227950015d1c8ad52f9be0a93270a1029f2584c3c013dc9fac', + 'evidenceId': 'evidence-99b8fc9b9bb54a227950015d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'cliente_externoNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.cliente_externo.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5b93e10b9bf98b0bd18a6478cf62fd3b812bca7176a6b46ab1a07fa546c3e15f', + 'sourceRecordsHash': '432a6b6a41e60ad56931f6d8e9fb78cd128d8a92807d6a13b4f2385fbc69a1f8', + 'evidenceId': 'evidence-432a6b6a41e60ad56931f6d8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'cliente_externoNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.cliente_externo.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4a9fb634f6a22c6a0244b1af53e9073d3d0e16de68085e0856cca49d84535f30', + 'sourceRecordsHash': 'dfbddc7a711dcfb103a8f023f9bb71bbde77529691b40420f2a60ac6a79e6daf', + 'evidenceId': 'evidence-dfbddc7a711dcfb103a8f023', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'cliente_externoNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.cliente_externo.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4cc11e419ea2d351bf24969c0069e96e5148bd9cb3d3a7c22402a1fa96bc51a3', + 'sourceRecordsHash': '4ed9ff47ee3fd85464663f242a336dbf1bcc161e8bffd89146216ec6b905165a', + 'evidenceId': 'evidence-4ed9ff47ee3fd85464663f24', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'cliente_externoNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.cliente_externo.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '604dc75b46fbffb86e5dc75e35f1568765d4df639d8d2fe40c9ced7d260b81a9', + 'sourceRecordsHash': 'ed3386af31a57e0f1e8a85e10e3050fe5a841734ca81d6de175576488f3130bf', + 'evidenceId': 'evidence-ed3386af31a57e0f1e8a85e1', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'cliente_externoNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.contador.acao.administration-route', + 'platformId': 'business', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '697740da52ce2b2d2099c814cd0ee8327d2ee05c2efe4fe533c5989f8d42336c', + 'sourceRecordsHash': '3952a88a55a389ba02c94786f29715a10558b2abe2b7b0895a9da9b4147e9dc3', + 'evidenceId': 'evidence-3952a88a55a389ba02c94786', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'contadorNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.contador.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b181759443f41b750ca3fd10486d6cbf6fca84e03be9065784bd0faa77a477f7', + 'sourceRecordsHash': '6551171148e282da243a88c951c4f1d66078ecb2300e1c8bb352d428f593e833', + 'evidenceId': 'evidence-6551171148e282da243a88c9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'contadorNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.contador.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c677323d17cd37326c2234178b1f388211236ef398db2923a405642528fa5081', + 'sourceRecordsHash': '4854f96ae070f53c5b63c43b7f39746cb76122fb668238776e4ac1aa97f06f90', + 'evidenceId': 'evidence-4854f96ae070f53c5b63c43b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'contadorNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.contador.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ab52203f77d128852c2737c5ba76cd6a7cf198037c138087de58be0707d87158', + 'sourceRecordsHash': '2cc3eeed20f5d3fc9be99343572adb4b81ef9398cc390649a63fb87d1ea38e50', + 'evidenceId': 'evidence-2cc3eeed20f5d3fc9be99343', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'contadorNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.contador.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd2de3b3c80a999b0c23b9f9363bdbd4bce3eae2021f6277fbb589ebe46f07ae7', + 'sourceRecordsHash': '748749eeb561e01ef20005bbb8f5dddb0401bfd169b38d0fcd8cd79f1cbd1481', + 'evidenceId': 'evidence-748749eeb561e01ef20005bb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'contadorNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.financeiro.acao.administration-route', + 'platformId': 'business', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9ded2208c5b89a90b5f852c853c4dfe050dc94b2ced5acdeb2575421f6542338', + 'sourceRecordsHash': 'e51c9666ddd06faef25356baa2a8c4ed1e5ac463ec8477b08ccc55095d49e691', + 'evidenceId': 'evidence-e51c9666ddd06faef25356ba', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'financeiroNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.financeiro.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c1f723dba88341dd49d5cf1407b40a229a1b816c2934d28e13420e6947822883', + 'sourceRecordsHash': 'ccfd442014b522c5856ea9a89e654639a4e3f68767557971a4c1c76f4906fe38', + 'evidenceId': 'evidence-ccfd442014b522c5856ea9a8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'financeiroNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.financeiro.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6b22bc7ac53a244090bbebe81dde295aa190863ea735111fa1ad3d7c326baa69', + 'sourceRecordsHash': '149d50ebaae9e2bae7355a2829485bc4fa962870a219ff89815c21a86da9ab16', + 'evidenceId': 'evidence-149d50ebaae9e2bae7355a28', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'financeiroNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.financeiro.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd83fc6883a3ace99ce943643c36d71f3d85da960334b5c938f703c961165c78c', + 'sourceRecordsHash': '694117dd77a32806ecc05dce5960efba850636030431335b560ad00c0f571505', + 'evidenceId': 'evidence-694117dd77a32806ecc05dce', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'financeiroNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.financeiro.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '273dca5b760363ef6e697dc9e2dd31151d2c51680b8abba03e2bdbe6d3031c02', + 'sourceRecordsHash': 'fbd8f174adb84d168c76abc2de111d9c0acebbce815f045c7127d0d5da344f7d', + 'evidenceId': 'evidence-fbd8f174adb84d168c76abc2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'financeiroNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.gestor_operacional.acao.administration-route', + 'platformId': 'business', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3f31ac2d41d4dfdba7ee36d2c6f58ec8b9e19b9486ca775f23b46ad23df4d508', + 'sourceRecordsHash': '8343bb447358e74b5ecfa5432e66829be95bfd896fc9eb54697f4be647723207', + 'evidenceId': 'evidence-8343bb447358e74b5ecfa543', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'gestor_operacionalNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.gestor_operacional.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '47df57dd789b154361b86a88253d2f48e8c72875f460a09562463693c82ebd7d', + 'sourceRecordsHash': 'b3a23a04fbfaeefa95b09e65e5b43b79a3314d81223a68b6e2b138c12201d97b', + 'evidenceId': 'evidence-b3a23a04fbfaeefa95b09e65', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'gestor_operacionalNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.gestor_operacional.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f5e9f4aa859f9dcb462a6abb0a0adce18f592f6ad500f5526e25337e98c0cc10', + 'sourceRecordsHash': '9869f60d582b7641ac3b4dd99a3d438eadfaa980d381ab9e55f9046c85b88756', + 'evidenceId': 'evidence-9869f60d582b7641ac3b4dd9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'gestor_operacionalNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.gestor_operacional.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0457ff11d12150c4f235959ea067d88a3e464f0b987734c80f62eb967cebb1e3', + 'sourceRecordsHash': '7be9f47cb88e75fb8f69233fbedc23c50f7dd7215b0d223d1dff44488f2be535', + 'evidenceId': 'evidence-7be9f47cb88e75fb8f69233f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.gestor_operacional.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a62ee4f4b2aefab5a41b7e6030af8ea8f65eb7982cc216b121a91116b252a21', + 'sourceRecordsHash': 'abde2bf9dad152aadfdffc7e80d91af8fe9c2b7385e5c4f49373e91985922d35', + 'evidenceId': 'evidence-abde2bf9dad152aadfdffc7e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'gestor_operacionalNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.juridico.acao.administration-route', + 'platformId': 'business', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '634014b193236b09e334ddf0f444aa602ee0ae343db39b20a1135ae7cf826d3f', + 'sourceRecordsHash': '8be1ae4a33a9739b2c85887d7069cf90117cac8f23d290395145bf075e8cb24b', + 'evidenceId': 'evidence-8be1ae4a33a9739b2c85887d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'juridicoNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.juridico.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40850bcebd6cad4bab4f99415f55558489619aa981b16efa8d875aa8faa886ba', + 'sourceRecordsHash': 'a72cb70547a448771ad3ee9769f9861eb92cd0b9e55fae2faf5888876cd23d33', + 'evidenceId': 'evidence-a72cb70547a448771ad3ee97', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'juridicoNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.juridico.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '22a48bf8a21a63667dd7fc744ff0f9bf42db069fdd6a6992a92c9d21fbb8a5cf', + 'sourceRecordsHash': 'cd4d3d5472947cbbf54e313ee3c8f99c9767e1528387942a479381cf39613a1e', + 'evidenceId': 'evidence-cd4d3d5472947cbbf54e313e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'juridicoNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.juridico.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c42d91e49a4c3407da6d3a3f591373c16854cc615ac1332403fb0e0785eaddd2', + 'sourceRecordsHash': 'd84aa405d12bd4d3a52e0f62426977506d8c06a41a379b4d8967ce62e1505fec', + 'evidenceId': 'evidence-d84aa405d12bd4d3a52e0f62', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'juridicoNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.juridico.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5c4f8e636cfdc0e9292449069105a98ec8c1344b1fdd74ef34654aad233b6479', + 'sourceRecordsHash': '1406eecf16ebedce04528310b3455deff78fa558e82d68f0fe6e56ee66505087', + 'evidenceId': 'evidence-1406eecf16ebedce04528310', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'juridicoNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.planejamento_estrategico.acao.administration-route', + 'platformId': 'business', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f7e8e4c4c31a2e20380fb12b1f766eb22d5d1e8b08a6c194d03bd63478b2cbce', + 'sourceRecordsHash': 'ee7fa3972d690dad1a9f6be2c04087650b3fedc69225caee29576467b700246c', + 'evidenceId': 'evidence-ee7fa3972d690dad1a9f6be2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'planejamento_estrategicoNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0c22db82eb615c3001b9ffee3609aece9153901ebea7bd23636c1de1e6bf10b1', + 'sourceRecordsHash': '0c08c37c640031563180c4c90e9dbb2eaffab2bc4e69ec55813462fd9be2b74a', + 'evidenceId': 'evidence-0c08c37c640031563180c4c9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.planejamento_estrategico.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9fac3e1a4657e07c1223141991db2329561d479767987e414562b4038dc0bce0', + 'sourceRecordsHash': '42e6ef74d938c77746cdb72c54a5b985bc53a008eb49d33d2b3b828b52a6d52c', + 'evidenceId': 'evidence-42e6ef74d938c77746cdb72c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'planejamento_estrategicoNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f3d46d3c766433b2b08fba4d7245e64557f64c2a8ce9d71686a33b168b742ac7', + 'sourceRecordsHash': 'a636fc25bd02c4ffb16c6962b10db9aa8e1219e3ce9e0fbc2e887132e581d994', + 'evidenceId': 'evidence-a636fc25bd02c4ffb16c6962', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '50547d17b2d54668f7b25efde5a71ee7bbdc3e2c7c33710dad5942d558d3ece7', + 'sourceRecordsHash': '390f4acf1816ed6b560751a4d2a991b8d8aa09205711197418e2d1ed8f097c19', + 'evidenceId': 'evidence-390f4acf1816ed6b560751a4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.secretaria.acao.administration-route', + 'platformId': 'business', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '766fc9009d91e93cc458b18215273f9c453def3152c4a9db70a8f8ddda8b1059', + 'sourceRecordsHash': '9e23c6cdbe89617a2dde08e0d6af6e98487c73a8cadd5f5360eadfd40f55d7c2', + 'evidenceId': 'evidence-9e23c6cdbe89617a2dde08e0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'secretariaNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.secretaria.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '89d81c59e668aa4387e029625ad43defd3dfac9ab0e2aacd9c737a24e07415c5', + 'sourceRecordsHash': '45083e2a5123c61a5547e5c94c0a9d3878bbf79411db564a040ec747624df9f9', + 'evidenceId': 'evidence-45083e2a5123c61a5547e5c9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'secretariaNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.secretaria.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '44de917b6700e25c5f9b43c99622d0c99e0b84ec99a2f7099039f90b1be11652', + 'sourceRecordsHash': '5621cbe62605d3c619f2f2b33c22331088e601df155f71c5f34263b90be6aa38', + 'evidenceId': 'evidence-5621cbe62605d3c619f2f2b3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'secretariaNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.secretaria.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd21a33cd8abfe2a18799a8fb4b359fd62e11cc37e7fa6c85c7289b754a03155c', + 'sourceRecordsHash': 'e8987454edc7c9c67475066980f85901a8c8ff75fb949eca396b6277fded2de2', + 'evidenceId': 'evidence-e8987454edc7c9c674750669', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'secretariaNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.secretaria.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2f5e03b13e7fe4ccf6661e8155f94be741ab64a340c430fdbe2a6ca5e47dc6a3', + 'sourceRecordsHash': '6f5bef2eb928bbad1f1065c0f27afca4d35a1cfb740838db9f99829f08d276c4', + 'evidenceId': 'evidence-6f5bef2eb928bbad1f1065c0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'secretariaNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.suporte.acao.administration-route', + 'platformId': 'business', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6d9c7569c3da3af47c2c2fda8773dd513a89bc59da97fd8dd2f5e26eadb02588', + 'sourceRecordsHash': '029f16f1af46ae6578c54d12ce061b7aae60e225c27592ab797f3b5766e733aa', + 'evidenceId': 'evidence-029f16f1af46ae6578c54d12', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'suporteNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.suporte.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '478bc822ed17caf9ef0671500548b286cea7f2634395af307fec427e614b3238', + 'sourceRecordsHash': '237e8bbe3e47bbb682b5ea4489ee557ebb9e9aa73d110ebb0ca9a3110e7ac77e', + 'evidenceId': 'evidence-237e8bbe3e47bbb682b5ea44', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'suporteNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.suporte.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '238823299ae492c5d8cb41b191d0d411fa55372d9de17ec7a42289e9026dafaa', + 'sourceRecordsHash': 'c66881c2529beb1c3187927b804d0134d952ea899a77a869096f4dcabeceb61e', + 'evidenceId': 'evidence-c66881c2529beb1c3187927b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'suporteNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.suporte.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6e28c54505db5e693e497f2249733c3cf9b284501f1a89b8f1a55755a57678bc', + 'sourceRecordsHash': 'a00b226d05e4c8d75f5d85f3088e952b5dea00881377106be1e8f31ff7c38e17', + 'evidenceId': 'evidence-a00b226d05e4c8d75f5d85f3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'suporteNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.suporte.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0273e099dd149aae8764512482be06acd6d39a533f47e2de10f8eda0c2c9aec3', + 'sourceRecordsHash': 'd79ebee53e8c208df54686a99ca73e197368a3608e75f2f8262b44cd8698be5a', + 'evidenceId': 'evidence-d79ebee53e8c208df54686a9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'suporteNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.tecnico.acao.administration-route', + 'platformId': 'business', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ee8f8441cb4ec10f744f1ff7c706bfc1339a26d542f434c3b69f3ac7bda783ed', + 'sourceRecordsHash': '883daaaa95091e12b865b607fc0a3eaa089b8ac99b15a23ed550be78930f2c90', + 'evidenceId': 'evidence-883daaaa95091e12b865b607', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'tecnicoNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.tecnico.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '97251a36202e64d62be66b3c7273bb7145cdc18d7b87d5bb71433617404e0a4e', + 'sourceRecordsHash': '674a5a24f73ed1dfd48eae4909ea2497ca20cdd275dc5af73a0d7388f64f90a6', + 'evidenceId': 'evidence-674a5a24f73ed1dfd48eae49', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'tecnicoNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.tecnico.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '868391193e158cecf2b60dd5103eec767673cfe482bec3b17b0775dd29141467', + 'sourceRecordsHash': '432c72168bf314152e9bdf8e6ac71c2ed29ec44e51c8f5e8dc7ed984fdd5fc77', + 'evidenceId': 'evidence-432c72168bf314152e9bdf8e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'tecnicoNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.tecnico.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '512fc59c88fa6975e5a7ae98705fa5cd6364fd0cd99359e86c846d1626cc42a8', + 'sourceRecordsHash': 'faeee54c17c05c63d6eb6b88ceddd7ebcc6459e77ffc8fd04eab19a8db128dcf', + 'evidenceId': 'evidence-faeee54c17c05c63d6eb6b88', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'tecnicoNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.tecnico.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4658c8c10ffb48bb3294ee67cf2bc1e4a5f901f09bd961e5037cc45080ea39e8', + 'sourceRecordsHash': '07fba005b74fd872345c580bc431147c6e5a9d9ed9674e4e4a388251bc83b760', + 'evidenceId': 'evidence-07fba005b74fd872345c580b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'tecnicoNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.usuario_final.acao.administration-route', + 'platformId': 'business', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6b3eb8aa4f54b00bd211376405143db02a567d35927e898e4d5267bc7303e97b', + 'sourceRecordsHash': 'c6e6037125061adc5ed6736eec4f2cedce977ad005f6cb4d254159641b9c5767', + 'evidenceId': 'evidence-c6e6037125061adc5ed6736e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'usuario_finalNeed', 'acaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para business/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para business/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.usuario_final.auditoria.administration-route', + 'platformId': 'business', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5b1b11c3d6ad27a010d235c5cfa01558a3a5d0f71a2cdbeea8f2065d2b3b255d', + 'sourceRecordsHash': '7a9c2f9fd20b59812fbf675f1e2de204432632df64aacb6b1d03f4d14d734be9', + 'evidenceId': 'evidence-7a9c2f9fd20b59812fbf675f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'usuario_finalNeed', 'auditoriaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para business/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para business/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.usuario_final.consulta.administration-route', + 'platformId': 'business', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a5025d532a44da0e6d9e4da6c636e7f9cc27883ce44f800576d35958323eeac7', + 'sourceRecordsHash': '6a25903178ca93b54c7673bf1bc802abc154eeae371b1e75f9611e0f6e7f8d9a', + 'evidenceId': 'evidence-6a25903178ca93b54c7673bf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'usuario_finalNeed', 'consultaState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para business/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para business/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.usuario_final.diagnostico.administration-route', + 'platformId': 'business', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fe6610d90f27ef04d5ba4ba59e2bf0778b9ee5cca76fb2f4b277d1c1cd6af09d', + 'sourceRecordsHash': '552723b48fd546501370a7435c30435deb90a951f584344a809188106fe44492', + 'evidenceId': 'evidence-552723b48fd546501370a743', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'usuario_finalNeed', 'diagnosticoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para business/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para business/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'business.usuario_final.explicacao.administration-route', + 'platformId': 'business', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ddb62b820a179439d794c7f6f29ad1924d6b54f0f94c5ced3324fff5073714db', + 'sourceRecordsHash': '372fc021da7ae4a961bca34c31846443fabd45c151537d84dea4c2c2b847b8b2', + 'evidenceId': 'evidence-372fc021da7ae4a961bca34c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'businessStatus', 'usuario_finalNeed', 'explicacaoState', 'commercialGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para business/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider business via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para business/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.administrador_empresa.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '95610758d1f1275557afe68203eb62af7beec5a731b9e7f35fbfbf8dade2612d', + 'sourceRecordsHash': '421d97740c6c748241218cd946d1854bb4aa7b2db1c0ce82167776c78ec0f48a', + 'evidenceId': 'evidence-421d97740c6c748241218cd9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'administrador_empresaNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.administrador_empresa.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '61b73e9ecf392c5a570a4695ac647fbfb5d4a38f490a0b47cbb5f41d65d10dda', + 'sourceRecordsHash': 'da71a08a14a5361908269daac0c5b0781e6d401b8ad0764bfbc117a8b404f148', + 'evidenceId': 'evidence-da71a08a14a5361908269daa', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'administrador_empresaNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.administrador_empresa.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '865627e7c1446a86d098408d7d8e1aceab3814807f1da1041db23201d5c09103', + 'sourceRecordsHash': '5e1ee3a252953bb0ffa17332db74de07be3b7dbcc183d682bda6b8499242349a', + 'evidenceId': 'evidence-5e1ee3a252953bb0ffa17332', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'administrador_empresaNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.administrador_empresa.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '755e05dce5a5d3a00e28a1c2e34f9454eaca42f6b7a77d851bacea24cba04d7c', + 'sourceRecordsHash': 'd3d75fba0ce5ad7c088fabc226f39964182c7531d84c419f376f8c03d449fd63', + 'evidenceId': 'evidence-d3d75fba0ce5ad7c088fabc2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'administrador_empresaNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.administrador_empresa.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4b7866f85bdc939833d31499ddfcc0332522216e2036999564d99f4d45bda54e', + 'sourceRecordsHash': '30d751c14e86489cc2b3220788ea451a7e5bd5d44b2968a284b77530bf99a38c', + 'evidenceId': 'evidence-30d751c14e86489cc2b32207', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'administrador_empresaNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.atendimento_cliente.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e01020978451ed2d9c5389ed2521bfe67bd0f6f7e1c4f50a2932e54047870ca9', + 'sourceRecordsHash': 'a0e0d70a285e01aa524471235dd54621797587cdd6811f45335a4c0caad85b28', + 'evidenceId': 'evidence-a0e0d70a285e01aa52447123', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'atendimento_clienteNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.atendimento_cliente.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '36358ac5ef7513ff4824884eb281ae436c9d379d5192c38b0e0b001b69337f47', + 'sourceRecordsHash': 'e6a362f1d2d20a36edfec85462dc741a1330d58d3320179600074ece10b15b9d', + 'evidenceId': 'evidence-e6a362f1d2d20a36edfec854', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'atendimento_clienteNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.atendimento_cliente.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '403d748cf5f625357043f67e56f7d8eb5d56c535b1763438f70dbacb133dbd39', + 'sourceRecordsHash': 'b55c69456db525ee2dbf1c8f738617099ece60d035ed917cbbe17461a16bd05b', + 'evidenceId': 'evidence-b55c69456db525ee2dbf1c8f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'atendimento_clienteNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ef3a0b13c78b2f010fe647a815ea1cbfb56a38b4f23b9ded36cb0efe7cf28dbe', + 'sourceRecordsHash': 'f88ddce83206fbf947371a12f1f7db442474cec3cd52c2f7c1ad148ef876bb31', + 'evidenceId': 'evidence-f88ddce83206fbf947371a12', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.atendimento_cliente.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b74a380e59e50265f62523aa27e026ece831f7d8d12d5e9303dc476d7a60fc5d', + 'sourceRecordsHash': '6d9a659e6b5160cc17b38283d90864aa07dc3491b4905b0d129ed8902fa2ad00', + 'evidenceId': 'evidence-6d9a659e6b5160cc17b38283', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'atendimento_clienteNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.ceo.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2f574faf8ded0239bcc1c8f5c67df5e37b50cea317d0fec4055ab7be9a228758', + 'sourceRecordsHash': '6fcfe225f146ea6387759298774419fac809f2b35b6cdbb87f86697ffe1429b1', + 'evidenceId': 'evidence-6fcfe225f146ea6387759298', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'ceoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.ceo.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fd8b68a0619ee11b00522147d0b7b8baaaf82a02387c302eec9d857507f63d57', + 'sourceRecordsHash': '2a2a08255aa813ef65a426bd25e0d422f45cd938b6d5e6ce53969c2afe031ce5', + 'evidenceId': 'evidence-2a2a08255aa813ef65a426bd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'ceoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.ceo.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f823ab70acf3b849697d9300480d43e31e5a66908d4488e44261f02b43928110', + 'sourceRecordsHash': '992f04a502f6ddd9daf0b97b9b18cde405df8db62d7b4c7ff364c32486f94a51', + 'evidenceId': 'evidence-992f04a502f6ddd9daf0b97b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'ceoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.ceo.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b308b090526cb9a54d022358185b532def4a21f3a0609a9315db09c5eddde83d', + 'sourceRecordsHash': '9738c928212fa58c6b0a53fcc42127980ffda0c1ec64c08283eba3f986fc9c6d', + 'evidenceId': 'evidence-9738c928212fa58c6b0a53fc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'ceoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.ceo.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8d5a2f48af17495c73fbe090e748eb7420db742b1f06d014c20552685a1a9a08', + 'sourceRecordsHash': 'd360c27674acf2dc72bf64f8678f65de79f3c10c7ecbe733c0f2148ecf261dd9', + 'evidenceId': 'evidence-d360c27674acf2dc72bf64f8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'ceoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.cliente_externo.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '438d9c7af33d986ec89d61252cbf4ee68a300c692f7e918b51b393f4c2c8283d', + 'sourceRecordsHash': '043eb1e6a85bfc8da961f4358ce267f7d18fe93b613352f67ef09762c4917ff2', + 'evidenceId': 'evidence-043eb1e6a85bfc8da961f435', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'cliente_externoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.cliente_externo.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4a24df0292527acbd75ee6599fc764f346cf58c156cf9f134816f8fdf2e29e40', + 'sourceRecordsHash': 'fccdeeffbefda06bfc324d122be0a52ac1ea52a4b57dd691e336cf9c934d686d', + 'evidenceId': 'evidence-fccdeeffbefda06bfc324d12', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'cliente_externoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.cliente_externo.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a797d3c908d83e7ec274c484f2294c005485a9c155f17374d9a760ec7015c4cb', + 'sourceRecordsHash': 'db5b3feefe77274a7ee958dde60a934c9f0e84047f808746962a898396283ef4', + 'evidenceId': 'evidence-db5b3feefe77274a7ee958dd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'cliente_externoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.cliente_externo.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '842485b47f1ded5d6dc50f3b3c566c52b1bdac7f2131373edaa8122f56f0b263', + 'sourceRecordsHash': 'a7c2e4b1a1a9b7efccef8ef75df07645fbfe2f61b4f9e3df6e7b6fa67743b123', + 'evidenceId': 'evidence-a7c2e4b1a1a9b7efccef8ef7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'cliente_externoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.cliente_externo.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '49c9fd99dd696919f71435c00d611b81caa198bed17af5a48eedcf79694fa900', + 'sourceRecordsHash': '0769489680cf26dec1527f6e2ab4a9287a80312e1aaa843d32db7bd686c6a2db', + 'evidenceId': 'evidence-0769489680cf26dec1527f6e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'cliente_externoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.contador.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '76378cdd16d0e2119b5b5813981235f45a5a039ecced2c597b00a5a1a9aacffa', + 'sourceRecordsHash': 'e1574481a65786a59e8667beb156cdb2b44ab9e1a2648d88a1b0c1776e87b827', + 'evidenceId': 'evidence-e1574481a65786a59e8667be', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'contadorNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.contador.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2471e4c9bd650f2b354523f9db8d9fff5216fe64dc7d051b637cd5ae1a31483d', + 'sourceRecordsHash': 'dfc305d7e6bc4143809273658c11e7314b0bec0b21f0faf9e08347efba220448', + 'evidenceId': 'evidence-dfc305d7e6bc414380927365', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'contadorNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.contador.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'df9f8c70a88faa7f2e1e60b2024113a60b074ac7fcb78a9c3bffdd2f28d83bca', + 'sourceRecordsHash': 'a781034adf6a863661f74c40100a8fd5779a0100b7c8b852e6932ea4d354805f', + 'evidenceId': 'evidence-a781034adf6a863661f74c40', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'contadorNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.contador.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '606c0b708c88c9c427fb7516f9614874a51eb7d57632a15d9dcb44d1075f35ac', + 'sourceRecordsHash': '3096bca3fbed3d072f4ba9c07b793f8d51e17fc536ea09005fd2d839abcbe965', + 'evidenceId': 'evidence-3096bca3fbed3d072f4ba9c0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'contadorNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.contador.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8b5ba21d027248869344dcd2a57e8a3dd73bc308e5b3a8223988e572de2d2e7e', + 'sourceRecordsHash': '4a9d30a7a3d2c99afe6519beb4b3d46c21bc7e7bf26b22806c6021b95344a160', + 'evidenceId': 'evidence-4a9d30a7a3d2c99afe6519be', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'contadorNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.financeiro.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '57e0105999ad67d092c708017f1103b92bf2d41e6c4b94efedb30ae27a56f7ca', + 'sourceRecordsHash': 'd9b19d82ef0a09658c9c29cdf100b90b9c8972d3d44f067cb7f622cc8f804a5c', + 'evidenceId': 'evidence-d9b19d82ef0a09658c9c29cd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'financeiroNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.financeiro.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8dabea178584cd8eac838c210087fedc91a926395602d432453bc6d7897c749d', + 'sourceRecordsHash': '711c0bd1b8ce79facd1a08b980ade64387e8c977262e9343624e3b72fcb04dcc', + 'evidenceId': 'evidence-711c0bd1b8ce79facd1a08b9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'financeiroNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.financeiro.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ee28bde90f33cf3227073f4bf3e490d9e155eb70c3579e8f963cc4ea5ee68d58', + 'sourceRecordsHash': '7fbb7dd1323952eeea9a0e1aa9976621d861464d814baf4436ef6a9ebc8b4fa7', + 'evidenceId': 'evidence-7fbb7dd1323952eeea9a0e1a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'financeiroNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.financeiro.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b21c4bf0c3ad4722c37ed6c1828bf0776d3dbb5068a401df2f535a431266515b', + 'sourceRecordsHash': 'ca5156c0c8582f5c6e2fb561320d7a70c373abaeee2767a2b1a2332b6b3268d1', + 'evidenceId': 'evidence-ca5156c0c8582f5c6e2fb561', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'financeiroNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.financeiro.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '459fb8cc9a27e565f5af7023075657bbeb3fae176af7ac6371131bb3e3187fa5', + 'sourceRecordsHash': '04399664610dafb4342c7fe866699c4357a584ea16e889b222f0eabd43a863e4', + 'evidenceId': 'evidence-04399664610dafb4342c7fe8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'financeiroNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.gestor_operacional.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4dc4b3184f00cae60fd5a367e952483b961a4f1ac2be7d0860bc82cb7a0de0b2', + 'sourceRecordsHash': '2c706d2f0f15d65a86425a7e128d29037cc4dac3c68ccff4f055ff002907475c', + 'evidenceId': 'evidence-2c706d2f0f15d65a86425a7e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'gestor_operacionalNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.gestor_operacional.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9643383632a567bf814e5e22900230753659ce75eb4da362e1b17c30766b2bb4', + 'sourceRecordsHash': '626f043679ceb73668a44c494085f6b7bc019ddaabf0176c59cfa439d7c0c902', + 'evidenceId': 'evidence-626f043679ceb73668a44c49', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'gestor_operacionalNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.gestor_operacional.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '27092e4c7a47c9f953044fb8be415487afb52c85d44118e5e852936ccbb839d0', + 'sourceRecordsHash': '71e9470868e3cd5cee4dcb5dca0a9aa91ee95bbc33a366f64172faa3ff1424f7', + 'evidenceId': 'evidence-71e9470868e3cd5cee4dcb5d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'gestor_operacionalNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.gestor_operacional.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0f0c7d15dd0cc66ae69ef3730a045a78d594dd60d618468a9bc569da93c03dbe', + 'sourceRecordsHash': '3965499d44e0f059e2dd275488a608c41c3b868c046c87cef625d672c36d974b', + 'evidenceId': 'evidence-3965499d44e0f059e2dd2754', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.gestor_operacional.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cf53b062e44bef90594b122ba1f603ed7e19095eb67fa12651cbf78c61c9adcd', + 'sourceRecordsHash': 'b2d18bdce27cf85ebc603fc9cb1b5a74e50ad7d32f3800210fd28e14c027e049', + 'evidenceId': 'evidence-b2d18bdce27cf85ebc603fc9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'gestor_operacionalNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.juridico.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'eaa561405af97490b772dbdc3748c40415754bea5c5e4c3876bcc05c4948e200', + 'sourceRecordsHash': '6d4a344f9a12d1c66d4e3ec6b8da61a973cb9bd6918df5aabe41e4b1a775d970', + 'evidenceId': 'evidence-6d4a344f9a12d1c66d4e3ec6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'juridicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.juridico.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '630d3b626e5a65f86d5693a66afed56cb910319c86abf02f6a277eef80692ba2', + 'sourceRecordsHash': '2985d0c7dda4c233b2fc59bd5decf8e2802837164e4940ae47688b15fe972a0c', + 'evidenceId': 'evidence-2985d0c7dda4c233b2fc59bd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'juridicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.juridico.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8410b16e56eee12ed2e25f488fc132c1d76cc807c9f70c791a46740c2afe2f3d', + 'sourceRecordsHash': 'e390831e33de80045514040faf207ce4fd8776582f13d6dfb40b81d2f641ddca', + 'evidenceId': 'evidence-e390831e33de80045514040f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'juridicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.juridico.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ba75d3dfddc8fcc0b8e2b6d116822ed9b37ead343f76416db844ddebf9a88d02', + 'sourceRecordsHash': 'c4e66185cdf949f41f90a1abbc089be7ecc65c9d8517692efd326feddb6b4317', + 'evidenceId': 'evidence-c4e66185cdf949f41f90a1ab', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'juridicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.juridico.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3c1f71411ee7cf8aae746255293fa10ea0cf60d07f987aa8a61376ada8ed3645', + 'sourceRecordsHash': 'fbe864cfa750654d5741a78695b9243f9b9270dd5ed2b048194991e248e36aef', + 'evidenceId': 'evidence-fbe864cfa750654d5741a786', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'juridicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.planejamento_estrategico.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c982b655518732cc50faa276f90f4169e99b084d399a2dabd8f270ac7effcb52', + 'sourceRecordsHash': 'ad8ccf701e72652bcae804799f82e5a9bfc8e8f2603f2c5ecfc4c3a8736b99b4', + 'evidenceId': 'evidence-ad8ccf701e72652bcae80479', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'planejamento_estrategicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f5da9b8c417c9be3e70f8b6500cccae83ac3caa7e6c7107df310e1cee1ce0ec5', + 'sourceRecordsHash': '1e1b61e5839fae182833c595af81468c81575a06293b48cbbf7641b32f3dec15', + 'evidenceId': 'evidence-1e1b61e5839fae182833c595', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.planejamento_estrategico.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '66aec318ba43e4b13c8893dfdc6176c1ea0288fab38e1ba4af30f81e56801c7a', + 'sourceRecordsHash': 'e9e5e308341227e00a81a5810fa273ec006945e72543ed1808825f72a81f9b58', + 'evidenceId': 'evidence-e9e5e308341227e00a81a581', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'planejamento_estrategicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '21a7580f3b9f68a456451cd6538a06a4aeb077714f23552674e96a553b96d12d', + 'sourceRecordsHash': 'd219cbd8676c8a88b69275204dfc6a97723af6faab9aba8fb5ca10be43cf46c7', + 'evidenceId': 'evidence-d219cbd8676c8a88b6927520', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'af969ec8d85da56fa50ff88363f33e1578fbec2ec53ed1f2bd71242229175202', + 'sourceRecordsHash': '17931610f091a97b1be26182342e7e12a0d4608e07469cd9fb4abf46cb144fb7', + 'evidenceId': 'evidence-17931610f091a97b1be26182', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.secretaria.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '240c3db34b8a8d9ee81d8dd70f6d46083398021292cd87b8dd3e8b15a6581b75', + 'sourceRecordsHash': 'afb2d9e11859c0d9118a0a0e9f0bc753aa75c1bd4911800c66d9dc855bb17028', + 'evidenceId': 'evidence-afb2d9e11859c0d9118a0a0e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'secretariaNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.secretaria.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9deab34e4f3b4f2746c2abca72f1b6801a3ae11b0d7085b2ef2cb1ee92eee1bf', + 'sourceRecordsHash': 'ceff2af0341593dba74f07cf5da64dfa64a7a0b786111b7641d2419a52866fae', + 'evidenceId': 'evidence-ceff2af0341593dba74f07cf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'secretariaNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.secretaria.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4147bb28d4ead07aa35f4eb3e48ab2fc587b11a42b4660468bf53db3ae32ada0', + 'sourceRecordsHash': 'f3d917611ef8bb62c667c7476bfc227ce1140ac6fbc7c454c6452e3024d631f3', + 'evidenceId': 'evidence-f3d917611ef8bb62c667c747', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'secretariaNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.secretaria.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fdb58bf8bda585eaee9d5d95223ba35565172a8890d90cba15aaf1353143841b', + 'sourceRecordsHash': '2a2120f5e6ac500183f8afecd19e3d0e64bd583b3c68090a6b5c4653152500f2', + 'evidenceId': 'evidence-2a2120f5e6ac500183f8afec', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'secretariaNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.secretaria.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '36bf8a71338c1d2fc1a601c5d71df1101e3705bc95817412e756debc8cdb5144', + 'sourceRecordsHash': '1a75fbf206a46a3a867c7f40acb685866b1680601324d35e115c14cd9a7520b0', + 'evidenceId': 'evidence-1a75fbf206a46a3a867c7f40', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'secretariaNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.suporte.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4f697a5f0129e0ea60fd03b5d942462d836f9c60beeac8b8b1c4b45f667104d1', + 'sourceRecordsHash': '36499e555d54edeb736f7f8c54d276aadd980cde29b2809b67b9825c029e7072', + 'evidenceId': 'evidence-36499e555d54edeb736f7f8c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'suporteNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.suporte.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '04db6ab59588c434420ada8c74869401774b7ebc99436fc30d14fe6769365686', + 'sourceRecordsHash': 'b55cf00e3af8f4ec5e2b832574db8ce9d7e7fd0a34466e458bd36cb812c526a0', + 'evidenceId': 'evidence-b55cf00e3af8f4ec5e2b8325', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'suporteNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.suporte.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '807701cdddaa5c54c2b35e542afb59b37dc30487aa4a65aba78f54cc5ba59ab1', + 'sourceRecordsHash': '298456292b7717b5c5174ec5e7f17d3f288da7166dce04d7669681cdbcda181c', + 'evidenceId': 'evidence-298456292b7717b5c5174ec5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'suporteNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.suporte.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '31036b94029c53ad7672843aa537af2045a7bde91936d529d32be0e102731acc', + 'sourceRecordsHash': 'b67a15a015b3928efc9c4923cb3a19b38a6139e99ba9b86b6dac211f2159d0f7', + 'evidenceId': 'evidence-b67a15a015b3928efc9c4923', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'suporteNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.suporte.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b67ba4a2d78969a39a1acb3c1f075bc834b40d38c2da91510f39d5fb354d864f', + 'sourceRecordsHash': '0583bdb82cfbcaec1bfaf870f78ffbcbadbdaafc2df1ceda7b6724be5beac2ef', + 'evidenceId': 'evidence-0583bdb82cfbcaec1bfaf870', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'suporteNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.tecnico.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a3f1ffe200db00c310b064d93a0c5d975653dc0c7ea6409f624016d1ed141c7b', + 'sourceRecordsHash': '432adc362307bf454e5eaecdba48286038946a71e72c31d96ecfd2b9ee5a3da5', + 'evidenceId': 'evidence-432adc362307bf454e5eaecd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'tecnicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.tecnico.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9f211a00c64050e36230b7bfc7f8cf833cafa3d24d24a6f532c6e971995a4aa9', + 'sourceRecordsHash': '85f41fc0321d80acf250f8e7af715e4469eea7b206a6cda9e263f4a125023f16', + 'evidenceId': 'evidence-85f41fc0321d80acf250f8e7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'tecnicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.tecnico.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bec5dec549573ff84130d940f5a86bd4bdcf597a2fc01623559f4c150a9f5287', + 'sourceRecordsHash': '1ee8f578bc1ac6696743b0520d400db070091ec2a96b9428cd6e2024f07e1440', + 'evidenceId': 'evidence-1ee8f578bc1ac6696743b052', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'tecnicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.tecnico.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd6dbfdd6445db7fad331ba1bf15d4770c3c3c4f9698d61e8c28355614d00b39f', + 'sourceRecordsHash': '8c3d7261a3b3bd85d5cd0cdf0c676d1a01cfa41d571727574862c7c54fbb9348', + 'evidenceId': 'evidence-8c3d7261a3b3bd85d5cd0cdf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'tecnicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.tecnico.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd058baebe3cd4c7236f6595916d180e02c0f8450e270719ee1038bdefdeb000f', + 'sourceRecordsHash': '2dc1cd5321b9d6cec0531dc77687d2d2502cb43149b8ec531a113482dbba84e5', + 'evidenceId': 'evidence-2dc1cd5321b9d6cec0531dc7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'tecnicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.usuario_final.acao.administration-route', + 'platformId': 'compliance', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '700d4fd39ffc523f3aa51830472e5bde72d78e117f5884857dd257c584fbc233', + 'sourceRecordsHash': 'c7cdfee0b4d9f6cd6e87276f45ea7197a65b2702e5aa9440b4a3576a8cdb2823', + 'evidenceId': 'evidence-c7cdfee0b4d9f6cd6e87276f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'usuario_finalNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para compliance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para compliance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.usuario_final.auditoria.administration-route', + 'platformId': 'compliance', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '91db222ee019f118d4f734db5a87f65e6d556875a01e212fed5e5df45293b942', + 'sourceRecordsHash': '103e9ec85a4139f2c1f90e5e6a9b7b53bc92114b74335f6415ece1df963072d5', + 'evidenceId': 'evidence-103e9ec85a4139f2c1f90e5e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'usuario_finalNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para compliance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para compliance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.usuario_final.consulta.administration-route', + 'platformId': 'compliance', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6d2e50e663f584260e4fb99911559aa7251c2059cf9a4a9a658b06ecbd850dff', + 'sourceRecordsHash': '8fbc6cc1a391d5e6b10ba806f24b4f0daea59ddeb99f63233a9c947b727cb001', + 'evidenceId': 'evidence-8fbc6cc1a391d5e6b10ba806', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'usuario_finalNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para compliance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para compliance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.usuario_final.diagnostico.administration-route', + 'platformId': 'compliance', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bb8d2b6094e43a3f6823d626ee9f475ca7d5c2cd268b086edc21644691156232', + 'sourceRecordsHash': '491d3e48c0831656557569f6c9a0eca71c825ab5259d772f58fac456afa33b69', + 'evidenceId': 'evidence-491d3e48c0831656557569f6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'usuario_finalNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para compliance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para compliance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'compliance.usuario_final.explicacao.administration-route', + 'platformId': 'compliance', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0b6e02e6bdf9b31094009323e2c011181be310ec7f990704cf2d343aac1966cc', + 'sourceRecordsHash': 'a123e8b4980eb0a70baf654e3f80ffbe0c003fece484b2bde176320db4673f99', + 'evidenceId': 'evidence-a123e8b4980eb0a70baf654e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'complianceStatus', 'usuario_finalNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para compliance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider compliance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para compliance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'customer_ops.administrador_empresa.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '948ae9de7f99094f56123932a88ea81fc0caf16fb666345942f09bd6e255f1b1', + 'sourceRecordsHash': 'cfcfeb945715dbfc0766a857eef41c99954949e91028a3fb8763f37493cd5af8', + 'evidenceId': 'evidence-cfcfeb945715dbfc0766a857', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'administrador_empresaNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.administrador_empresa.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '841f9d0a8e286b084ef0dff4f206fe12a492eb3f2ed29091bb57fdeda3ee5997', + 'sourceRecordsHash': '468e669a7a4d6c1dbb36243d03f19d43124a16effad3cf921a2cb98045693af0', + 'evidenceId': 'evidence-468e669a7a4d6c1dbb36243d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'administrador_empresaNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.administrador_empresa.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5a2910387a2b4cf442767a9c52c80be573c1e758bc9ec65d04d1b610d2e32165', + 'sourceRecordsHash': '654beed97df178ac4c88a75141210dc5a98da056725cf8b1f14df33226d8de49', + 'evidenceId': 'evidence-654beed97df178ac4c88a751', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'administrador_empresaNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.administrador_empresa.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0c295ce4cebc2aeed564f7d1755d49ba9b64976eb9bfb030fdfbbb1e9385be60', + 'sourceRecordsHash': '9465b99e620ea05fe947c33f9065a5c998bc7b23cfd6d444f410a919735aead2', + 'evidenceId': 'evidence-9465b99e620ea05fe947c33f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'administrador_empresaNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.administrador_empresa.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0d0951bbae8ed782671e7b833d3c7fe8c791e732030025044bde6d024c4abf2d', + 'sourceRecordsHash': '27c9d015e9618c378e15dbd69ea028058aa51583cfad161c7b82347b5ea43496', + 'evidenceId': 'evidence-27c9d015e9618c378e15dbd6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'administrador_empresaNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.atendimento_cliente.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8bb760d11d6226b532a4fcef99a7efeec3049e027e849d204ab7dfbabdc58d23', + 'sourceRecordsHash': '2fe2360c6250de2eb1f3018168cf012431413d583c9ef92dde89ca2fdaef37c4', + 'evidenceId': 'evidence-2fe2360c6250de2eb1f30181', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'atendimento_clienteNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.atendimento_cliente.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c5b657d83f74b2133ded22f857c677d0f81c9e1b1af107ba5ac13f44f70c2e48', + 'sourceRecordsHash': '0776a8e2baa4630815cfdf856502ec6a134442e3e6b48f13c1fe77c40ea592cb', + 'evidenceId': 'evidence-0776a8e2baa4630815cfdf85', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'atendimento_clienteNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.atendimento_cliente.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c84299ade3692d7c06f11034e851fa82e6d97d5a03efa8d576c4b18190912561', + 'sourceRecordsHash': '23eb68b688a8b03a87bf3b13ad00a2e347902cda7c5b3ea38efa28c2ba1f6888', + 'evidenceId': 'evidence-23eb68b688a8b03a87bf3b13', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'atendimento_clienteNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd62c4f79d3bd55975256b14d1165c88219316bfd4384a09c9bc50b5bffbab049', + 'sourceRecordsHash': 'ec92a38c6b6cd50ed89669eef1646e25f18da2674488f8b90ba639cc2ba07256', + 'evidenceId': 'evidence-ec92a38c6b6cd50ed89669ee', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.atendimento_cliente.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f5be0a53b49977b397b76610ec0f703cb25325af7afefa04dc5db910f984de9b', + 'sourceRecordsHash': '710714600cb92cdaf2cad4205186113e4f896cadeea25c7ca00a1f461409a43e', + 'evidenceId': 'evidence-710714600cb92cdaf2cad420', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'atendimento_clienteNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.ceo.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '52a376bd5d1d8365e309591b909324e9d16c5f26520520916d3b4e346df95467', + 'sourceRecordsHash': '50c1d4a820de5a5e7a8e79aef12cf8d86336a7b53aab9e7b990b13f3677a9e57', + 'evidenceId': 'evidence-50c1d4a820de5a5e7a8e79ae', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'ceoNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.ceo.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b40ace052b5df7486690c0d6e63332901067cde4e9afd4dd9e4fee62414978fb', + 'sourceRecordsHash': '81965d72ac4413a0fa2ca2c2c71e67539520327b01d2cc8a2ce8fb6672cc3840', + 'evidenceId': 'evidence-81965d72ac4413a0fa2ca2c2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'ceoNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.ceo.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '464d9a759c69e1e80c5be4aa8771c8aafa5233775ecb80d367acafef27eab8b2', + 'sourceRecordsHash': 'ade72ce74cc7805bf495104b419631ffff3aac3964f0a6c64cfd13c8e5d02a28', + 'evidenceId': 'evidence-ade72ce74cc7805bf495104b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'ceoNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.ceo.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '03c2d0e5713da6910e34d8ce19f024ad48bdc12aa9220dd61aae7579f64a8c89', + 'sourceRecordsHash': 'f076dbfe397fd7afea49aa3d345025f83d7cb2964992fe517072b9990e218af4', + 'evidenceId': 'evidence-f076dbfe397fd7afea49aa3d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'ceoNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.ceo.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'eea1e6dc9e2d358ce671c8b7da3ee46c41edafbb8cef4edf0a5e3d61c66ce837', + 'sourceRecordsHash': 'b0d799e832af5c83c87bbcacdde2353db6b41c2c936bbadafde7f2b08589033a', + 'evidenceId': 'evidence-b0d799e832af5c83c87bbcac', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'ceoNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.cliente_externo.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7f7cbfda796c292231300280a53d926f7f39c58c567baab95d0fcceb3596505f', + 'sourceRecordsHash': 'bc207d782a8726b9db91e6ce4315e25e40fca061535359b42c40225464b27d7a', + 'evidenceId': 'evidence-bc207d782a8726b9db91e6ce', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'cliente_externoNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.cliente_externo.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1c2eb3fc2ce8c3fad8f8860e3d8746f5da3439b14569967e63ebefdc82a4886b', + 'sourceRecordsHash': '4ab85da4dd69c9cef99fee4fdf0dc1883fe9d00a1c9fcd10dd062298e2b800a3', + 'evidenceId': 'evidence-4ab85da4dd69c9cef99fee4f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'cliente_externoNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.cliente_externo.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '33922aa2308d9f348e04504b0db299c97d143e88ee7bb4a01934d2b142c6b0e9', + 'sourceRecordsHash': '0bc254b2277212e67e2ae537feeaee3acf41f5a2611958e37c54689a0cfdee0f', + 'evidenceId': 'evidence-0bc254b2277212e67e2ae537', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'cliente_externoNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.cliente_externo.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '659f6e1c4b84d25ea8876c6762519c459bdf2974636b63e9776302bb0ad80d61', + 'sourceRecordsHash': '53694f2ffdc929ba98eda46d6ec7395cd9565aa4f7eb8e5832084436f8277f05', + 'evidenceId': 'evidence-53694f2ffdc929ba98eda46d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'cliente_externoNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.cliente_externo.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1e96743f93bbe7f2025750bce9137dccaa05875cc2bfbcae4d9a0c5fae606136', + 'sourceRecordsHash': '5c562be9ba099c04c217ba8b56cc3dbf2b82a8df7cf1b41f6c8c0e6f090c8a66', + 'evidenceId': 'evidence-5c562be9ba099c04c217ba8b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'cliente_externoNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.contador.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5f331ba4a2abf0e611470910846fa55d6f1ea861531c9d9d266fb2da56a50a2f', + 'sourceRecordsHash': '042ff382a6edabae3613535e0ab5a5525f496c2bd6186a361d9347ff1da39ff2', + 'evidenceId': 'evidence-042ff382a6edabae3613535e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'contadorNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.contador.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a35ea12fb93dcfccb167d40616b8f532a2a3142fe21421ba042e148628bece99', + 'sourceRecordsHash': 'b93f8a01c9d540c28d8b52290d998b364229b2d4fd460f7d73a542c2f5fe18f8', + 'evidenceId': 'evidence-b93f8a01c9d540c28d8b5229', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'contadorNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.contador.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '44a87b510080bdd997df8bc130a65487992c05e7e27ff3be74046786bbd366f0', + 'sourceRecordsHash': '279c334c9e614b70d9427d4689b2172de838306d3dc0e101f17ac8f244ecb857', + 'evidenceId': 'evidence-279c334c9e614b70d9427d46', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'contadorNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.contador.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b3160fdcf33405fa84f889fc9b5e61460606389a3b3a287a4a07350549160739', + 'sourceRecordsHash': '3f577d0017c4985c273ccbec072d474a015890d72109b58ef688cd04353101eb', + 'evidenceId': 'evidence-3f577d0017c4985c273ccbec', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'contadorNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.contador.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0bf89a845d5df16c498536e71ea9a10871263132c2b48d07ea749b7cae7934eb', + 'sourceRecordsHash': '1a47beafdef3e1a0a65b75d5af0ed324cca93b696b5b4eb84aa88a5b902cd5bc', + 'evidenceId': 'evidence-1a47beafdef3e1a0a65b75d5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'contadorNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.financeiro.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '908e8e92d0ef555fb30d719709c050e32e6c9aab80c7e5967880f981f3e341ee', + 'sourceRecordsHash': '305f88a181f8985a6201d6c090c62bd3f9c5a4d32a7d3a12cf60ec137a3b223a', + 'evidenceId': 'evidence-305f88a181f8985a6201d6c0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'financeiroNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.financeiro.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '618feb836c4042f9b609337a1b051335f1bf6b40e8d030d0963df6de7364757a', + 'sourceRecordsHash': '2efe75c71423ea0598e808d3c23c89bba4afa72158d4d5e172374aa465c595d8', + 'evidenceId': 'evidence-2efe75c71423ea0598e808d3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'financeiroNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.financeiro.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1540ffbf5561393c9e7a5c6659ab5bbec5fd81c0f92e96034f2a4a02e144ba29', + 'sourceRecordsHash': 'd2097a7a63a08afd4951e8fd2d8e27a60c8d7b1c1017cabb3371eeb3f4787ff1', + 'evidenceId': 'evidence-d2097a7a63a08afd4951e8fd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'financeiroNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.financeiro.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2920cb33cf75bb3bde5d77a509642e659b3503427035c1526c9a25cb91304360', + 'sourceRecordsHash': '104291093758ff8329e6cbc6bab41358ff8f8c45cab56a29bf1717a6c8678360', + 'evidenceId': 'evidence-104291093758ff8329e6cbc6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'financeiroNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.financeiro.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4d0ef33308ed55fa0c53b27cdddb44b39b35046fafcfdd7ceabc2f198c9339fc', + 'sourceRecordsHash': '6e84d5e470ce7939a57d3ec998ae0a08412c5011deb9312742028b568e22d2fa', + 'evidenceId': 'evidence-6e84d5e470ce7939a57d3ec9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'financeiroNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.gestor_operacional.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd7c8cd8e054f136befb10b3fd1ec7c0593a2ad20da6bab63e1865fdfaf9cd775', + 'sourceRecordsHash': '7f0881bfb3619f4dec476864d2028fa982685cb7e7784499c9b81fa99fdc45cf', + 'evidenceId': 'evidence-7f0881bfb3619f4dec476864', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'gestor_operacionalNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.gestor_operacional.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '461ba2957f70fb56a3b7e05efea08ccf9841ef867c065e3474e56cf6f4a7f5d6', + 'sourceRecordsHash': '9fb1d527646472a7c7af2cce4b8a81022fa3715935f6e8c4eea8e86666541de4', + 'evidenceId': 'evidence-9fb1d527646472a7c7af2cce', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'gestor_operacionalNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.gestor_operacional.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5367951251d6e5d269e95d27dc9c21aa446b34f497a7e2a9b91d10412a78dc4c', + 'sourceRecordsHash': '0ae3a709640c3798f99ae379cdbdb02900650960871b3bfcdd06c47d59f90e44', + 'evidenceId': 'evidence-0ae3a709640c3798f99ae379', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'gestor_operacionalNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.gestor_operacional.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cde3266f8898f5e2ead965542aa38fd6f3fbc5a7392c025ceaac672dea9af755', + 'sourceRecordsHash': 'de8fb670eb2d0dcc27a08a076653e0357bb97c8b635ccb776f6245d81d707d6d', + 'evidenceId': 'evidence-de8fb670eb2d0dcc27a08a07', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.gestor_operacional.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e4239ccb23857e6c93f6351bbf6be83bd46d04dbce03e4e56dd110afd667671c', + 'sourceRecordsHash': '3b2b448497187bfb4a9f744bb89a2263069b2e8b557bcf48ae95b6668deda65f', + 'evidenceId': 'evidence-3b2b448497187bfb4a9f744b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'gestor_operacionalNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.juridico.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '22d5689aa76ae0f0751eb27dec08274e1934baa8cea5df0886dcbfabc48daa46', + 'sourceRecordsHash': 'b2b72c38292c8cdea1f2c0f9f8bfbf5655789e20246537f78a34074e0c834c4c', + 'evidenceId': 'evidence-b2b72c38292c8cdea1f2c0f9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'juridicoNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.juridico.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '547723c0a2e501f5b0108269d2e20431e574c3ce7dd387424fb8e418a4a481a2', + 'sourceRecordsHash': '325cae668e905bccd35f1299066f5b65e6c35ec56c99d0b3e0894d74aca71154', + 'evidenceId': 'evidence-325cae668e905bccd35f1299', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'juridicoNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.juridico.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c0c2ea594e9b0ac15ed971ff7f0e52ef26c44910334664c33ac54c0e7de19606', + 'sourceRecordsHash': '1f04cee2aa4c57755f5cf582ccc586d4aa9d69aff2f55a59024c0ca5c576c5d5', + 'evidenceId': 'evidence-1f04cee2aa4c57755f5cf582', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'juridicoNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.juridico.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1c046a775ffc92df190e7d00b074dcd4651a722aaeb869b09180b43f713f71fe', + 'sourceRecordsHash': '16b20b7ee526401cda57cbacc45d82830b222826f30f816d892d21005006a132', + 'evidenceId': 'evidence-16b20b7ee526401cda57cbac', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'juridicoNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.juridico.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0ab5ca7c6fff8eaeab66775babddd708175c72c00aa51815dea88e638a21b4cd', + 'sourceRecordsHash': '054cb845a74693e4c6ec1481a88c4bc4c6da0ba28217b31c768a8e2ac5588eab', + 'evidenceId': 'evidence-054cb845a74693e4c6ec1481', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'juridicoNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.planejamento_estrategico.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '94ecba4182143d0764a181590a6ae6655385f632428bc376762d5110c7d0f6f7', + 'sourceRecordsHash': '1d51ee78a02f8503afd1eb7be6e92eb3444715e4fe9691b09f3675d6e1de1911', + 'evidenceId': 'evidence-1d51ee78a02f8503afd1eb7b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'planejamento_estrategicoNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fe32cb5f3e0941819cec9ffcc368efb1ee8b174abe8568ec68cebde7f714931c', + 'sourceRecordsHash': '7eed4790f072dcb8e0b59e21df751eea5d6ec3ab8b3af807d9af4d9c907cb453', + 'evidenceId': 'evidence-7eed4790f072dcb8e0b59e21', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.planejamento_estrategico.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '249eb30cf74700542a1f6f1c965d2c10f46af0fa8d271321c8a076c779986cf6', + 'sourceRecordsHash': 'ad35a0a7546fc0eed9cb563ab23ee5945eee960345f5c804415ebf4543de721e', + 'evidenceId': 'evidence-ad35a0a7546fc0eed9cb563a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'planejamento_estrategicoNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8ba4a2746f318f668d97dde67b5b2b0b22454d9e265fe5a0d54cbf434254c1c8', + 'sourceRecordsHash': '8dd56592a613ae636ad2a963fccc13c377dfaf3c7329ff483dc4280b4b88b456', + 'evidenceId': 'evidence-8dd56592a613ae636ad2a963', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8ada21c81c481f8add7cd47c6d1dce1d7ab88154f37e80b79abd6798268a2b1d', + 'sourceRecordsHash': '0e604eb186424a33806ff70ab9017484dc6bcadd60897003bad8b2376a43b5fe', + 'evidenceId': 'evidence-0e604eb186424a33806ff70a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.secretaria.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a8a17fceb6352ef819d550926e24ec66760a57238ac6461ca53b98de9325fdc3', + 'sourceRecordsHash': '26ac7a0d6bd3e77ae069e991d4ca6125c87cd55876afa3e82c245a4bc35788ab', + 'evidenceId': 'evidence-26ac7a0d6bd3e77ae069e991', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'secretariaNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.secretaria.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f5cb10d4c77c745ba8435351b6a174e20110a69391ad287e572ff89c7248467a', + 'sourceRecordsHash': 'cd101b589d331f5f5b87dc4f8c045220c54320c0fa0b6383f946bd58fc4c2ffe', + 'evidenceId': 'evidence-cd101b589d331f5f5b87dc4f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'secretariaNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.secretaria.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ee92e0e6352f18c9cc2e9a2fe5715fd8f16f086db3c89b7869c21f6cdede52d2', + 'sourceRecordsHash': '93bd4a0806d561c18858326006b6d148c0efb6439eecaf4effa0ece98f04a1eb', + 'evidenceId': 'evidence-93bd4a0806d561c188583260', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'secretariaNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.secretaria.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '06ae7f8d98e9a10ce1f8fe37158b94f86a9a9385f3b71d7651d6fd969d0c23ba', + 'sourceRecordsHash': '77a2899e4dab10b18f960f58fa3b5b8aedddf557dc3d95eb043bf52f7ccdebe5', + 'evidenceId': 'evidence-77a2899e4dab10b18f960f58', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'secretariaNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.secretaria.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1a875de5d19475398cd8ea327b81ffd89015f2ebe322365fa870b65cef329e4b', + 'sourceRecordsHash': '7d90a286850ff8112e488c112d69b52ebadf6c1555f5de54381bd25aa730fecd', + 'evidenceId': 'evidence-7d90a286850ff8112e488c11', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'secretariaNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.suporte.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9e6fe7ab2e55a2c1d018833102e08d65cf4123f3e621f90ca180553593a89688', + 'sourceRecordsHash': '683610d7053f20960e3c1638502199d588b756789fbb784e90e2ebcbef62537d', + 'evidenceId': 'evidence-683610d7053f20960e3c1638', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'suporteNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.suporte.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f9f8d1ca825924392087f472e2c5bd70eecbc9bb4f1f4663d693a1f08e51d951', + 'sourceRecordsHash': 'd730899874ccefa4b86e0eebde24333e31ef775e597932e983870d25bc5fdeab', + 'evidenceId': 'evidence-d730899874ccefa4b86e0eeb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'suporteNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.suporte.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f10293f279a0c1557323cf0f9a39455b852f76f364a024ee97e14a788ddc51f8', + 'sourceRecordsHash': '255f9f411542bd8b5b1c2a1a70da3b34e11057787e5cdcaaf2bf5d9126b9d811', + 'evidenceId': 'evidence-255f9f411542bd8b5b1c2a1a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'suporteNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.suporte.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ea83729a77db8714827284dda2835e15e9d1fabb19bec53e0a65e2a2d5d60915', + 'sourceRecordsHash': 'a5f945299a57272bf2d04ac2a4d19a1bccf4460959fcf35420b870b970e1450a', + 'evidenceId': 'evidence-a5f945299a57272bf2d04ac2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'suporteNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.suporte.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ccb5c78b6066f3553764a81c253d2efb5c4604eddedee804d1c96b5c6211097c', + 'sourceRecordsHash': 'e0fc3225de9f64ceed1d77a504e33958220f3e066abf9ab78b86a8e3d4894693', + 'evidenceId': 'evidence-e0fc3225de9f64ceed1d77a5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'suporteNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.tecnico.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c165cd69a213147b24186199940f572ce072cd33cb1fa497450f11c5e9c91cc3', + 'sourceRecordsHash': '0200da8bc80defc164ea558c97eaa2246e28bf6769f8e0fe50524d5fdd0f7bcc', + 'evidenceId': 'evidence-0200da8bc80defc164ea558c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'tecnicoNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.tecnico.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'de9d9b8e078919b4c5ada20e15b1492d741d8c3a0ba008ccdd9c19a7b5aaf9aa', + 'sourceRecordsHash': '99d4a0444c730aa93771554d98bab442481b7a916ba4f9e035bc4478a2bc91b0', + 'evidenceId': 'evidence-99d4a0444c730aa93771554d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'tecnicoNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.tecnico.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '240707d46335d5f55717f3d94b1b1665c2393045bb5bf0357fac7ba62711c31b', + 'sourceRecordsHash': '1632aeaab72071db338c0d2f38ce9b81959b1ab9c41ab8a3efa98049a367c04c', + 'evidenceId': 'evidence-1632aeaab72071db338c0d2f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'tecnicoNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.tecnico.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '886dc82724d68f9f9da1ca53c39f1b4a2844f9cef72bc0c130cd44e41eedf170', + 'sourceRecordsHash': 'e900ce6ed1e99a2e2c7a72d626f87546c4dbcdd41fb9fcb76fb70affea4612ba', + 'evidenceId': 'evidence-e900ce6ed1e99a2e2c7a72d6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'tecnicoNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.tecnico.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'eba31dcc091abae69011e35386aee37cb93ee8d5aad3b8be3b8acf36e9fd0dc9', + 'sourceRecordsHash': 'ee21a5df3701899e3850e4bb5fbe724c74163deb88787cc094d0ea8fcd21ee12', + 'evidenceId': 'evidence-ee21a5df3701899e3850e4bb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'tecnicoNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.usuario_final.acao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '82a4747e0e55988a58184bbdd73f432e5b7aa9a1a6f589f55d42314d5c0987dd', + 'sourceRecordsHash': '55adffc1b77d4e8924bfa670adf8f15aba14d17475114562a4bf721013399b5e', + 'evidenceId': 'evidence-55adffc1b77d4e8924bfa670', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'usuario_finalNeed', 'acaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para customer_ops/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para customer_ops/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.usuario_final.auditoria.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bec48743d3f875a897eb646ef299093ec78f6c0afff4e8d77b66a0e6545e3b5c', + 'sourceRecordsHash': '254c261b8f7a5d2b76701628ae76e99c796520599ed80aeb1adc0733d1cdd242', + 'evidenceId': 'evidence-254c261b8f7a5d2b76701628', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'usuario_finalNeed', 'auditoriaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para customer_ops/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para customer_ops/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.usuario_final.consulta.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '437811f383f6b5a373fbd922e4c31c84f70eed3a1e7d1945db5e61cdd5c9d5f6', + 'sourceRecordsHash': '8ae008cd96f6ffc8367f9443ed35fa84ada4ab7c84ae9eef26ff91f04d650f5c', + 'evidenceId': 'evidence-8ae008cd96f6ffc8367f9443', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'usuario_finalNeed', 'consultaState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para customer_ops/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para customer_ops/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.usuario_final.diagnostico.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c400c1e98225049b93c8adbe53ac5de1658c332b3813fa4b592460e1b25bc487', + 'sourceRecordsHash': '541862d614510bc0e11a0637d3ec49d5b3a90f58208ddc4725b46b1fcf836cb7', + 'evidenceId': 'evidence-541862d614510bc0e11a0637', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'usuario_finalNeed', 'diagnosticoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para customer_ops/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para customer_ops/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'customer_ops.usuario_final.explicacao.administration-route', + 'platformId': 'customer_ops', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ca49d8339574698203280b83142a0898d0e0c9ca9794acc6fd929070cca4448', + 'sourceRecordsHash': 'e650336a942449a3c3a6dd1437ab0e7a715413e2a80f901a91b500c1966c0b5e', + 'evidenceId': 'evidence-e650336a942449a3c3a6dd14', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'customer_opsStatus', 'usuario_finalNeed', 'explicacaoState', 'supportGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para customer_ops/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider customer_ops via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para customer_ops/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.administrador_empresa.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1828eba28b4274ed3810c8cbc070340e6b8b4350f8aaef7b7d2dca3a2aa175a8', + 'sourceRecordsHash': '346940b4ec21092bbfdc964b41e9d7817e1c508a4b98816739e4285c97cea0c8', + 'evidenceId': 'evidence-346940b4ec21092bbfdc964b', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'administrador_empresaNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.administrador_empresa.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fac623d8fe864fc09cdff9ae5483f18fd4bb7ff3a12cfd4530c62670d8caefe4', + 'sourceRecordsHash': 'cf3c26e318de54359670b6cb7c3590c66bcfc42e0eb667a03389905d89a93a54', + 'evidenceId': 'evidence-cf3c26e318de54359670b6cb', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'administrador_empresaNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.administrador_empresa.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '99f4b6cdfa952759a211ab5a870a5be101badeec59fcdec53ed381fd3be7886a', + 'sourceRecordsHash': '4db47c363333808ece2f256ab53f832a01c81449d847a140777253a274eda641', + 'evidenceId': 'evidence-4db47c363333808ece2f256a', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'administrador_empresaNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.administrador_empresa.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1524447942d010a2d3f337d0bd485ed61a26a4da78e5a96fc519e2a12520c234', + 'sourceRecordsHash': '9efec5d28bfccb7405ae99fd59f3c7ed69eaa5b3bbdaf9322e7860a799a88d59', + 'evidenceId': 'evidence-9efec5d28bfccb7405ae99fd', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'administrador_empresaNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.administrador_empresa.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd97811851700dbfa17efceb59743ea4d2d874f402d0068e7e60461254e6f0469', + 'sourceRecordsHash': 'cb60086f8807bc578abec35a3fb9ed7b5fc491934ea5a0578e337ed47e534dd3', + 'evidenceId': 'evidence-cb60086f8807bc578abec35a', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'administrador_empresaNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.atendimento_cliente.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2bb43d22ad583ca2ddb8826cdac7baf8f88d40e6996742a2521ac97a5eb1b16a', + 'sourceRecordsHash': '8a25c8efd479919c831b49435280e821d11d04a0f7a7ea8fdd7307407fd7e345', + 'evidenceId': 'evidence-8a25c8efd479919c831b4943', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'atendimento_clienteNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.atendimento_cliente.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1b85a66fed625a839cc55c8934d269f7496bad1c2b7ed4626b080d3c3cd68433', + 'sourceRecordsHash': '812f94916921fb1b58fe7ecaf66ed12456f28c8ec7b227a18e02aeefd357c842', + 'evidenceId': 'evidence-812f94916921fb1b58fe7eca', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'atendimento_clienteNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.atendimento_cliente.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aa563441bfd8aa922a7298c299bdfaca0acb15f6ef85b127a1eecb8540a4dc77', + 'sourceRecordsHash': 'b57635f4d81c23f26e4b069e2cf748fae470703e1a044d118a66686e8f76d51a', + 'evidenceId': 'evidence-b57635f4d81c23f26e4b069e', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'atendimento_clienteNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3d79c14d2a01f4d7ac41237e47abbc5d0a36373a499ac763f11e44b48983c1c7', + 'sourceRecordsHash': '717faafd09a806dd68b2ff1069868d9e0aa1991b31b938a02283ed9cb0c67bca', + 'evidenceId': 'evidence-717faafd09a806dd68b2ff10', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.atendimento_cliente.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1acfad8faf974c22350ce71db767fe88da7ab492a71ea4f5bcea90d5fa5f0a3a', + 'sourceRecordsHash': 'd0df968c0b527fc5ae5c59a29bc7d3a4e98338309aabd12cd2a3880af8fdd304', + 'evidenceId': 'evidence-d0df968c0b527fc5ae5c59a2', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'atendimento_clienteNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.ceo.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '66fc35b529e041aba29e091c3334b6e6a9e19bd2b34b8ee37f52dd703560bd1b', + 'sourceRecordsHash': '301023501546306b1430cf93d41882bdf83034691682b767f479015c63b4c6e6', + 'evidenceId': 'evidence-301023501546306b1430cf93', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'ceoNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.ceo.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '11c577d7e6f728d43b552e45c6a6597abe26c7e3ae2d4a7bd0036a9a3182bb21', + 'sourceRecordsHash': '6e1d29531c86f3bfb053631550e1f6f2708437b0a82c32bfb2ac37f593229863', + 'evidenceId': 'evidence-6e1d29531c86f3bfb0536315', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'ceoNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.ceo.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9e2b95de4c339f9c64709a52b5edf579cde9baea89fb772b3d3af6e20d1f6b74', + 'sourceRecordsHash': 'd60614d35da495f081522b671c70b7b43649fc4c1d1def7e308c0092ce47e2ff', + 'evidenceId': 'evidence-d60614d35da495f081522b67', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'ceoNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.ceo.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bec485c67a704d7d3c45bc5d94b6650ea150a68355831260a0b1068a1298fe66', + 'sourceRecordsHash': '666b7fd7d72cefd7a4d430b79535bb87910562b157b0d5b66dde6ff88ff89045', + 'evidenceId': 'evidence-666b7fd7d72cefd7a4d430b7', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'ceoNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.ceo.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d1c0ca6dd5ebf390cdcb6178ebe83b4291ea29275df951ea418c6b6743635a4', + 'sourceRecordsHash': 'b80ee7036757ea7268212e4aa961a7693a61b06b29ef40827c6496559744a0dc', + 'evidenceId': 'evidence-b80ee7036757ea7268212e4a', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'ceoNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.cliente_externo.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd85242943e96a28a2e3aca7ff1b6fd71691c0fe1ccc739bc9ff2d1f1ba4e64bf', + 'sourceRecordsHash': '7138a913f72eb38338317af5aaef05c6e48fec033f9e392352622fcb0bb3299d', + 'evidenceId': 'evidence-7138a913f72eb38338317af5', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'cliente_externoNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.cliente_externo.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cde92ac8176e660914758af7a216edb2237aac7a1cefd381cb1263d3d18aa916', + 'sourceRecordsHash': '1fe4ea929dcb93c81aa2f2184cdb6bb118c764d54c016f6c3940e2d56e5f8bd9', + 'evidenceId': 'evidence-1fe4ea929dcb93c81aa2f218', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'cliente_externoNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.cliente_externo.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '532ba667e89db33475a61307192778bec686e9c99229ca602b11c70cfa48906e', + 'sourceRecordsHash': '04942a2e3a4ebff69a11080fc519e81a80da6c08106864fef1930b24bd9cba93', + 'evidenceId': 'evidence-04942a2e3a4ebff69a11080f', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'cliente_externoNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.cliente_externo.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '127aeb87c76f2f88d6d62375859bbbbb3d2753db17235590d4d3227945f5f58d', + 'sourceRecordsHash': 'e304491952bf6c0558924429dd433dae1a94a8656faccbb067cd0725eb6afbfe', + 'evidenceId': 'evidence-e304491952bf6c0558924429', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'cliente_externoNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.cliente_externo.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7a187b2d02db461c9badec06e8060d7ef71e66150486bdbd3e7224bd5320844e', + 'sourceRecordsHash': 'd371ffd6817c5f0a60e4621126e2e141ad18405c7a50c6a3f39d4461fbe88e38', + 'evidenceId': 'evidence-d371ffd6817c5f0a60e46211', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'cliente_externoNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.contador.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7280b815fd7f54f3e42ff954a8f759defe6101493fd33148b4bbaf3eb03dbd74', + 'sourceRecordsHash': 'e97230fe93815d5dafa75afa7a266ca0af094ab0d9a17a58a04b7a25af6abd13', + 'evidenceId': 'evidence-e97230fe93815d5dafa75afa', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'contadorNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.contador.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a35fe014d24145196c66c59be08fbb07829d11aea2f4a4e01596eb72f6de623', + 'sourceRecordsHash': 'bda0cd7ec5af6ee616308b82284eef05ecd662db3e9a02b8fcaf533549689fff', + 'evidenceId': 'evidence-bda0cd7ec5af6ee616308b82', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'contadorNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.contador.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1c2b4896ba4f690a7503b863ded77bd5657f6a8d64508ab263c66cc249780979', + 'sourceRecordsHash': '12c2eb08dfc32437f756dbf254ad6cfb737a8298ed4c271781285b937be5c49a', + 'evidenceId': 'evidence-12c2eb08dfc32437f756dbf2', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'contadorNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.contador.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ab0b8bab9372b7ade00c588321305a48859f8a2d2f9907a1de0bd843c9a128c', + 'sourceRecordsHash': '6fdc8d784099893a7dd90395c661d5bc9c2915ed563b5969651ae2aabe648f3c', + 'evidenceId': 'evidence-6fdc8d784099893a7dd90395', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'contadorNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.contador.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '26f0c3c3f3db5bfc78506a00ad8affb894908889809568adecef105596b323ea', + 'sourceRecordsHash': '88096c6c37b2d692fc5519bbc1b32b4e90fbf8a252ea69fcf167ae35e1ecfca5', + 'evidenceId': 'evidence-88096c6c37b2d692fc5519bb', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'contadorNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.financeiro.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f8f628208a61c67c6722a4813907ba07c398fbcbee529e51b359ed26572224a8', + 'sourceRecordsHash': 'e889f2a8edea53987af6e37ae7fb2f025f8df0da2ae4d3bacf7519d1273a99e4', + 'evidenceId': 'evidence-e889f2a8edea53987af6e37a', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'financeiroNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.financeiro.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '791a646f63a38b7f3f6462067d47363069427bf52cbcc4b158b3afe94b665a58', + 'sourceRecordsHash': '8095558a1f35dbf8285f9b79f749dd37707e19c56f9b873a53387e5534133c65', + 'evidenceId': 'evidence-8095558a1f35dbf8285f9b79', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'financeiroNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.financeiro.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e8d2cfe4bb18e5f54f7db2520beadf6b0b9b293f3a041b5c78b4c5eb5a2b13a2', + 'sourceRecordsHash': 'c188f72ca7db6298f05a50bc59a77d151702447f6ecf2a59239996a692d495d5', + 'evidenceId': 'evidence-c188f72ca7db6298f05a50bc', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'financeiroNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.financeiro.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd2c95b525a1d9c697e0bf4ae414670004fa37ba499e90cdaa8240babd7252350', + 'sourceRecordsHash': '4eb71444857f2ba191fd98b7ea2319e6f726c8a3a4414cab6923730f25548889', + 'evidenceId': 'evidence-4eb71444857f2ba191fd98b7', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'financeiroNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.financeiro.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c56f6577abb282731173a010a13d13278dd07a404178c6a796c0ea9bc45d6280', + 'sourceRecordsHash': '133397aabb5a6d639a379379d7b7591b1f1ede2b93f06088909a305d09373b2b', + 'evidenceId': 'evidence-133397aabb5a6d639a379379', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'financeiroNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.gestor_operacional.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '65ba618ba03cf3741d7c6abf63a2f6b54a46dca327e3b9685235fda5d89dfab8', + 'sourceRecordsHash': '59450bb08828a812f44adb14e3a6ae0ac19982e866419c87dfc3fd7fc0215752', + 'evidenceId': 'evidence-59450bb08828a812f44adb14', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'gestor_operacionalNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.gestor_operacional.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '96e17405e2caa877486afb51c565ae114351aedad95570f35b72490ded2b7d1f', + 'sourceRecordsHash': '4b4935a69b738c2a9be0067b34f4b58baaad1a5ed89d5622f73e54e5cca7e6f8', + 'evidenceId': 'evidence-4b4935a69b738c2a9be0067b', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'gestor_operacionalNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.gestor_operacional.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1093c838ad3606d8b2369fd20004eb68838cfded8632fe4cb3ffe44fd448d0eb', + 'sourceRecordsHash': '9526a5b2284ad5bb22c88c5c529b4d9e7009f0c97d2136739af7af10ae684d49', + 'evidenceId': 'evidence-9526a5b2284ad5bb22c88c5c', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'gestor_operacionalNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.gestor_operacional.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '01153a6ae5ae970d01074a75362b47f20be19e9ab2c623ba593dc6a61e25936e', + 'sourceRecordsHash': 'd1b18664677146e54259337fd8b3f06a03db9fabfcab3a8fabd681dbc3a9afa8', + 'evidenceId': 'evidence-d1b18664677146e54259337f', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.gestor_operacional.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c9fc404f352c7351275b6ab65ae608ed4882a6770584d8e35708c09053d68876', + 'sourceRecordsHash': '3e6c28d4102456c4c4c17b12bf873f1c65e73bc0454103a2679771bb36ea726e', + 'evidenceId': 'evidence-3e6c28d4102456c4c4c17b12', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'gestor_operacionalNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.juridico.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5660c5e5eb26ebfc110e548402a6285c801cb070d36770f9b61291dee747e8bf', + 'sourceRecordsHash': '50cfb7ba141c7c3fe5dfaac869947fc7549b09ea383aa257aa83943479214f33', + 'evidenceId': 'evidence-50cfb7ba141c7c3fe5dfaac8', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'juridicoNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.juridico.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1fc1421272a64466671b526e4009e20232abf4fa0b4ee7053d4a43c2c94eb7bf', + 'sourceRecordsHash': '936945b085492100eb39b161d7c90e5d62fcdecee4860290ec86de115af812c6', + 'evidenceId': 'evidence-936945b085492100eb39b161', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'juridicoNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.juridico.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8370aa8702d7da7418a8d05e256a55b03de125d68fd2c95e4ede22bb030509f1', + 'sourceRecordsHash': 'ff1b6e665019433e90f8970312cfd4cb84f9a398a7ab6ecdf93cd30c9615cbd5', + 'evidenceId': 'evidence-ff1b6e665019433e90f89703', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'juridicoNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.juridico.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd241d3bc6d918f1c1b00700cd500d230011b1c731584790dd50655e24194332c', + 'sourceRecordsHash': '8f39fb7c8e2a0a5e64899184ef98b0d3ecfd548bcf8735bee4aaacbdd3bd7afd', + 'evidenceId': 'evidence-8f39fb7c8e2a0a5e64899184', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'juridicoNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.juridico.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '02f751eeb3f4fae24728af6a44666375a19419e18f806cc24d326dde2578ea3a', + 'sourceRecordsHash': '7c971e0b11f4de780e337b20a1d00ee185da2c4ba61287bcb15c8aefdedaf22e', + 'evidenceId': 'evidence-7c971e0b11f4de780e337b20', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'juridicoNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.planejamento_estrategico.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cc645931650000364886d745ab6f2e58f0f561df4066101d7586bba13c7fbd0f', + 'sourceRecordsHash': '735be2e45e8c23c5fe4b141eb89cbbf25501c8ea8b0f09753c57ab02bb45487d', + 'evidenceId': 'evidence-735be2e45e8c23c5fe4b141e', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'planejamento_estrategicoNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bb27866912a408a2565b601e4ef3686c66727c31696df87c854fa63434a17dac', + 'sourceRecordsHash': '229234188a3c8d1b6d1a3e4739d131890e83344dee04f7072e42d2fe5887b320', + 'evidenceId': 'evidence-229234188a3c8d1b6d1a3e47', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.planejamento_estrategico.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '219e91dfe9c89d327f4abc12d1341d9bccccd1841a2987eb2fb381ae35f285f6', + 'sourceRecordsHash': '34fd3dac4f4b60b2a0fd98b16e46217c7e2666d463d7eae9997394afe6903ee3', + 'evidenceId': 'evidence-34fd3dac4f4b60b2a0fd98b1', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'planejamento_estrategicoNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6302dc7350f5b996cda69e88df9c93b6413e983a1a7b393ccf48d23d7d5a8840', + 'sourceRecordsHash': 'f8cc3dfe95b031376ffada321b0f717a11e8678b8f2a1a7980e8a90f6b4ef622', + 'evidenceId': 'evidence-f8cc3dfe95b031376ffada32', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2cf52e76eb999ad6ddf4210bc75018eec19b09454d65a312d4eb20d2631f43f5', + 'sourceRecordsHash': '70489882ca4c9756f7e1ac67560453a8808a7f41a64446c80777a3270e17e362', + 'evidenceId': 'evidence-70489882ca4c9756f7e1ac67', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.secretaria.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b6b0e14c728100c98ffd6c7d72f72fcd6a5d05d9d26dc73989c90782a1102773', + 'sourceRecordsHash': '6b045129a059adbffe57ef0b32199e0c30a9db9a6479e19a2907bd2f2181abdc', + 'evidenceId': 'evidence-6b045129a059adbffe57ef0b', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'secretariaNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.secretaria.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '06fae23600d0d8b222bbdcef3efcfd0be612358e594db90ab869c137e5bd4b47', + 'sourceRecordsHash': 'b186e63f8b05e7c023fa22821e72743beff9352f2aa941ca8940cc8900f2b300', + 'evidenceId': 'evidence-b186e63f8b05e7c023fa2282', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'secretariaNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.secretaria.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e79aef0d2be1b69b6789699d9e8509165b44262de1de92553631d97e91f36efe', + 'sourceRecordsHash': '58a034366677b0414fd430c659cca4773706f444377776b2fad8b3ec00edd6e9', + 'evidenceId': 'evidence-58a034366677b0414fd430c6', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'secretariaNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.secretaria.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8c937f6c078cdffdef8786b24ba5646f937d44c7c2d35e35d726f637124bc21c', + 'sourceRecordsHash': 'f6fce1cefb9a943c703137c68b5aad559fd6e76d2f429e72d1a01f18a2d4990f', + 'evidenceId': 'evidence-f6fce1cefb9a943c703137c6', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'secretariaNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.secretaria.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'de1eff01fe214e20f0256d5204dbcc8810ad92e802af72c48dfceaf4af4ffb38', + 'sourceRecordsHash': '0d09ca758e0d3ab2ba5cfd6b129568e62eac83958ce61b89c53b9efbfd25bc26', + 'evidenceId': 'evidence-0d09ca758e0d3ab2ba5cfd6b', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'secretariaNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.suporte.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ce119aba3bf63062e08de2cc92863249519a239a65c8a75e8f637bfdb91ffd89', + 'sourceRecordsHash': 'c9a09bf7bce8d3d33437d2cc92b6f23aa757671a02ecf4facc63a72b3e79a825', + 'evidenceId': 'evidence-c9a09bf7bce8d3d33437d2cc', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'suporteNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.suporte.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5d2d2da7f4d8ecefe803f66c5a2d7877220dc3a0fcfb41acb92021e399679185', + 'sourceRecordsHash': '213670f82d95b62d4a262e7ed64e6c13b335c92a8a3e13327a95e073afabd172', + 'evidenceId': 'evidence-213670f82d95b62d4a262e7e', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'suporteNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.suporte.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '42e53fdbcfad38583506286df22ff51356a1d3c6417432adecf8f8df070a5c7e', + 'sourceRecordsHash': '11b1f7565fb6bf904abb32f647b161a2d31b3fc4591bfca3a23b4e356dcd4d53', + 'evidenceId': 'evidence-11b1f7565fb6bf904abb32f6', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'suporteNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.suporte.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '24d529e1e09f1c939ef3b81a8251c167b556b5c4896346760770cec93c844e39', + 'sourceRecordsHash': '5763dd2323a382f21ba15caa2e58c3074f648f9b0a9abe320b57311ab0b4d81a', + 'evidenceId': 'evidence-5763dd2323a382f21ba15caa', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'suporteNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.suporte.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f77c97a58150287e93d0145201b51f1f2e5957efaa46ecb8dd28f88467091aae', + 'sourceRecordsHash': '1d9eaa2f127220ba329b6159956a25f43f368b8a964795365e6a98243631589b', + 'evidenceId': 'evidence-1d9eaa2f127220ba329b6159', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'suporteNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.tecnico.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1943cd8aee82b90eeaeb5199a8ba471111beb036004bcb35396de0a2cf8a8a2d', + 'sourceRecordsHash': 'a584cab7ba1b8e4d91ca9a5a44b6ed53ff7e354b36a6e324156cbe9948d6249b', + 'evidenceId': 'evidence-a584cab7ba1b8e4d91ca9a5a', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'tecnicoNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.tecnico.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3013899d83c3ab06bdaf2f158e3f2ef9e50533eb4799091a13f86e8f34b63291', + 'sourceRecordsHash': 'd5f04b4aa13463904c3bea82c54a2f59b7616b7fc7151b3a06f49bb9eeea3b17', + 'evidenceId': 'evidence-d5f04b4aa13463904c3bea82', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'tecnicoNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.tecnico.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f1aab25294dd1ba0874bbde7a9c6e91c2001dc226fc4a100652dd9eafeae77bc', + 'sourceRecordsHash': 'a5b577fbe8193a3dd934acaa845c87080515fc5107de5237ed2695141fee44a1', + 'evidenceId': 'evidence-a5b577fbe8193a3dd934acaa', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'tecnicoNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.tecnico.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '31e89de30a8db4fe2108bf5037d1c0dd5cbda825a11df03b2a9fc33656995be4', + 'sourceRecordsHash': '00d42e7f01430a491fbf090276d77eb5d161d2539613dab8d6a7e9a44dedf5ed', + 'evidenceId': 'evidence-00d42e7f01430a491fbf0902', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'tecnicoNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.tecnico.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a119834cfa5c9dc1c56e0a6c341163634ec4162f2b857c8bfee9cdd9bf6d879d', + 'sourceRecordsHash': '65ae021ccc43f608782efc48b0f914c09076d7ec263e6dc7aa305a00539919e3', + 'evidenceId': 'evidence-65ae021ccc43f608782efc48', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'tecnicoNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.usuario_final.acao.administration-route', + 'platformId': 'docs', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '46379fce619c74733f58707d8ed73dcd5009384d574e77a66eaa68d57d5c6df2', + 'sourceRecordsHash': '8bcb657d48af6a2f7b8710202a6d4a714cbff37a0ecee1f599099879274de53e', + 'evidenceId': 'evidence-8bcb657d48af6a2f7b871020', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'usuario_finalNeed', 'acaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para docs/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para docs/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.usuario_final.auditoria.administration-route', + 'platformId': 'docs', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a61a8654a44803b86d2e68ac22bef86e2edc61bbff729b55389dafec6a28a9ca', + 'sourceRecordsHash': 'f3e782b85fb0de5428f118590243c783da3c18c7224d10e47ae2e196ba0140c7', + 'evidenceId': 'evidence-f3e782b85fb0de5428f11859', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'usuario_finalNeed', 'auditoriaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para docs/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para docs/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.usuario_final.consulta.administration-route', + 'platformId': 'docs', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cf413f3773b3e7b8b055fa75d2973621d99e4731b4ab58deb894cd0c3e4285b4', + 'sourceRecordsHash': '24ac307af503d971c52146d6bc68218c543068cbae56a0536081c7f155388854', + 'evidenceId': 'evidence-24ac307af503d971c52146d6', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'usuario_finalNeed', 'consultaState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para docs/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para docs/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.usuario_final.diagnostico.administration-route', + 'platformId': 'docs', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3627decce9370de13fc19e04a70c52e92bd7415303845ae007a3bd65fbf52729', + 'sourceRecordsHash': 'b49a1ebe140828953b79c4cfa2f3f83a3510d7f0b3b021491ed60dc128ba4382', + 'evidenceId': 'evidence-b49a1ebe140828953b79c4cf', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'usuario_finalNeed', 'diagnosticoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para docs/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para docs/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'docs.usuario_final.explicacao.administration-route', + 'platformId': 'docs', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9813cc74a4597dbcf5a5fc306a2d280c824f717b4256a8eff2864f85d1707ed6', + 'sourceRecordsHash': '0cffb9e36a2dfd5fb617e5127cba817298e234e04db2cc8fb01f1bf54c963634', + 'evidenceId': 'evidence-0cffb9e36a2dfd5fb617e512', + 'truthState': 'formal_exception', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'docsStatus', 'usuario_finalNeed', 'explicacaoState', 'documentationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para docs/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider docs via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para docs/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'finance.administrador_empresa.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '16ad6568dccb3cbb019fa2753d5fdd453f64015c843b94f7e03e92f44553fe46', + 'sourceRecordsHash': '38902e4eff57593901a8c201dc64d8a5316b26e7de6e147c8c788147c132b322', + 'evidenceId': 'evidence-38902e4eff57593901a8c201', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'administrador_empresaNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.administrador_empresa.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ff6d712bbcfd0c26874325f1d4c59ec59b8f2948b28830f175926f5b0c98fe74', + 'sourceRecordsHash': 'deb7ba20962e59fcb7793c8843dd09ab822c3f0e9c04e4dde0c399bffb23c8a2', + 'evidenceId': 'evidence-deb7ba20962e59fcb7793c88', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'administrador_empresaNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.administrador_empresa.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dca8346806a8948d1dcdfba34c740cff91ff64910616513bf70c23f1df9558d5', + 'sourceRecordsHash': '9a6e77daab5192e31e4af9b98a835193f9136cebb02bdf0ce2d49244d4976700', + 'evidenceId': 'evidence-9a6e77daab5192e31e4af9b9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'administrador_empresaNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.administrador_empresa.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '664e5f7ceb54eb64880f486b0d7b3fa53b1d8e11b6c9b99d08ee49791a89e560', + 'sourceRecordsHash': '2dd5d2f3c7844a92406b46523feb9f0018070ad6d66a7bff4a67da992f1f2f86', + 'evidenceId': 'evidence-2dd5d2f3c7844a92406b4652', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'administrador_empresaNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.administrador_empresa.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ab046d82ed4ae478832f61e797d7ae8f8d68a38a37f57ebae85d7d40d89b349e', + 'sourceRecordsHash': '351a8a9d422c43c0aeb2979fb184bc1c4e6c7e4ffd6c92afd29132b405edb36a', + 'evidenceId': 'evidence-351a8a9d422c43c0aeb2979f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'administrador_empresaNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.atendimento_cliente.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e2af87745fe09a6a0f56a0558676f4c0bdfca633ebd7a0961b35678109371dae', + 'sourceRecordsHash': '0d0a3277784f1d9adffc2a38b9a4e90ecfedd22254a3e334851fcb040dd68cfc', + 'evidenceId': 'evidence-0d0a3277784f1d9adffc2a38', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'atendimento_clienteNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.atendimento_cliente.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7837a4a520e21fe3ed86edf88b9b187d6a0d783196d79860c69eb05d2df64cb2', + 'sourceRecordsHash': '353641ab2caf151f5ebcc94ca66a1be16ee757c4c21b057c5c5357ed4f857916', + 'evidenceId': 'evidence-353641ab2caf151f5ebcc94c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'atendimento_clienteNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.atendimento_cliente.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cdc64fb1b25ee7b5813806ef2608ea3b904cc3e5647c3f9f8897b276dc190fa0', + 'sourceRecordsHash': '7e3a182a520ab8d3c3c1fbe9692be7a03865a782d4b1cbfb6371041fb00c5457', + 'evidenceId': 'evidence-7e3a182a520ab8d3c3c1fbe9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'atendimento_clienteNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '47a65bb3cbfafa92f58213cb536128b72b76bb6f792390672bd3417e7a119222', + 'sourceRecordsHash': 'b062fef129fdd7c828e907cc1a4dd47cb71d1d843cbc390689aec7d379e3cf28', + 'evidenceId': 'evidence-b062fef129fdd7c828e907cc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.atendimento_cliente.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bb6524cf9e1018ea1b915d3975ec51ee4a3be1d3e0c17fc8cb02e81b88469eac', + 'sourceRecordsHash': 'da0618e99186ef8d360b8e929394abb6377c60c0e1a70c06cd9f1f64202b7de7', + 'evidenceId': 'evidence-da0618e99186ef8d360b8e92', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'atendimento_clienteNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.ceo.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7ebe0d7aa32c961f204c7103f2f58e4e45934e477e0be6a8f60fbaf3fb7d1bcc', + 'sourceRecordsHash': 'b0f029500c5e6050bc75765ebac11761936b0139d4a67ffd2922f968e754be10', + 'evidenceId': 'evidence-b0f029500c5e6050bc75765e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'ceoNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.ceo.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '72328669431474a36b860efbd741f3a37df1dc0df8d67f01f86000474c5dd402', + 'sourceRecordsHash': '697ffb03f7454d9ff8a037b3acba07234a68594ceccf6793e861c49cd5d0446b', + 'evidenceId': 'evidence-697ffb03f7454d9ff8a037b3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'ceoNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.ceo.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2e20f8eaeead8f65fa76211fd12a0bb16cceb5a24784a1730160193251e2c935', + 'sourceRecordsHash': 'f75a3032a748c69a68b5cbbd90b14d4297fd6c6e97edd2da386e3736b5c31f6f', + 'evidenceId': 'evidence-f75a3032a748c69a68b5cbbd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'ceoNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.ceo.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7cf1418a83ae5adb0e29658491eb2647622152b420ceb414aaaef9e714bed794', + 'sourceRecordsHash': '3c9d84570c7fec33e47c904be66dbf5d025373adc0a9b44689d537df9b7a27c9', + 'evidenceId': 'evidence-3c9d84570c7fec33e47c904b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'ceoNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.ceo.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '44f118e83a323026b32c70296401757984970575784b70c07c15d6de8a44f732', + 'sourceRecordsHash': 'ceb3a94c23c2414498977420ffb494d88765b00a575046aae2d0cd1e700d5f4d', + 'evidenceId': 'evidence-ceb3a94c23c2414498977420', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'ceoNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.cliente_externo.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4ecc62d1921b3b9386c6c1d4971fbf59ee891c6b6eee15f8a501b311c7ae5aa6', + 'sourceRecordsHash': 'e1b15666468dbbd8c38d70cd0c8d28e6bb03fd5453608dc52bc96a0d84f357ae', + 'evidenceId': 'evidence-e1b15666468dbbd8c38d70cd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'cliente_externoNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.cliente_externo.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '337b149b5a0f85c7a839ffee4e4db478b949f327d4e3da6a25d1afe4c10e21c0', + 'sourceRecordsHash': '090cd75846e11b869588172a026eee7a55af3d95483798faa1ef3e03594d4af3', + 'evidenceId': 'evidence-090cd75846e11b869588172a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'cliente_externoNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.cliente_externo.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ef83689e2130ec04a3c047afb3614e74e80fa6f88c2f57499a8bb2b36db3d338', + 'sourceRecordsHash': 'fd87637eca5bd07586c50ef7f57306389814a9e11360557df569005ff5a2b0db', + 'evidenceId': 'evidence-fd87637eca5bd07586c50ef7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'cliente_externoNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.cliente_externo.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f18b43bde1ae004da0acf02d3e7a4a5181990b97092c2e642aad22765b2d8a7a', + 'sourceRecordsHash': 'ac6ed7bb4d06527a8ca04e3846c145bfb5a0d9715161bd3d9419d3c74485b736', + 'evidenceId': 'evidence-ac6ed7bb4d06527a8ca04e38', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'cliente_externoNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.cliente_externo.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '147a9d51d416274213011d8dab47b7a00b3c2938ed2f2c7624c163c120dbfb71', + 'sourceRecordsHash': '3d8066d09a087207ad6a1c7ad2543c4c2f5ed60223dac4f8ed94a23d98403eac', + 'evidenceId': 'evidence-3d8066d09a087207ad6a1c7a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'cliente_externoNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.contador.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a3a1ff5a2962391246e618ce5bdcf3066e0a1d69dd240fdfc3cd511224d21517', + 'sourceRecordsHash': '41329b7474506cbe5ebecc8af091981927cad1c02eb47e2827c6ba63856ed3a8', + 'evidenceId': 'evidence-41329b7474506cbe5ebecc8a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'contadorNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.contador.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cb39a9a53bce8c24e88373e66c5993890003b29175bbb6922ad04bdde3eb1741', + 'sourceRecordsHash': '3a14235f989b05929c8d0a8f8bed2f565143067bbb2cbd3933f8b555d17b0fe8', + 'evidenceId': 'evidence-3a14235f989b05929c8d0a8f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'contadorNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.contador.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'eee46fc109d79512925f2a9bfff9c5f1b982d1c278f767017d101d5209660171', + 'sourceRecordsHash': '8817e6bdde02179a1821eccf56e10449708ac4c00eb45bf00584580cfa877c80', + 'evidenceId': 'evidence-8817e6bdde02179a1821eccf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'contadorNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.contador.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8352f4d7aa8feb697b5feb784677b98649265e60e3c2f8dc1bd2cccbbe7e0cb8', + 'sourceRecordsHash': 'f0ba115295cf2f186e840ec4501ea2e021f6945ce417ebb6cb7ae42aa37b9c93', + 'evidenceId': 'evidence-f0ba115295cf2f186e840ec4', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'contadorNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.contador.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e4fd6c0b5ae558a460e82fe648903d798fff2429f570e5715541442afe344f91', + 'sourceRecordsHash': '988af97e2ac74be5a5016f6acf9be1d3e890affa0f6beb28f5403a205515ae0a', + 'evidenceId': 'evidence-988af97e2ac74be5a5016f6a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'contadorNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.financeiro.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '231d2039810d14860c33a72e57ca051b5eed5c0272762bcf84a5cb1f13c54073', + 'sourceRecordsHash': '603888ff917c998ab7788cada0d4982b319ea1016ec5d9de5b5ac04b48f01798', + 'evidenceId': 'evidence-603888ff917c998ab7788cad', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'financeiroNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.financeiro.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '28f7f70a3cf50bb46f631425049a3c1606a1f4626df7c5dabcbe5fc8ed41883f', + 'sourceRecordsHash': 'c1790521c91ae78316586de0a672dfd918526a1b8dd6333112ba376d0706cc88', + 'evidenceId': 'evidence-c1790521c91ae78316586de0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'financeiroNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.financeiro.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8e3d497070365caaa55149a3b02a1960f0b4bc906ce9c171ba8fac90b07057cf', + 'sourceRecordsHash': '7d56d890416852a04849a8810b16c34dcd1fa6ebbf827217888c8402b8bb5ddd', + 'evidenceId': 'evidence-7d56d890416852a04849a881', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'financeiroNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.financeiro.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6c96aab6489e1cf8400c04add1dec8fc1300f75fdeb240f069122923323e3369', + 'sourceRecordsHash': '96b68f4424163cdb35885e209d78caff32eff819daf3de4f8ebe864cb4d0239e', + 'evidenceId': 'evidence-96b68f4424163cdb35885e20', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'financeiroNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.financeiro.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ac44376293f0e8c083b9a22cad652cd32680611072c28e9cef01b78e332b831b', + 'sourceRecordsHash': '23df5150e457ad917e4cb78f3d3e04f5bf5d85d396c772adae923c1743817a04', + 'evidenceId': 'evidence-23df5150e457ad917e4cb78f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'financeiroNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.gestor_operacional.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd6b5225ecda26375337d7a0623cbdbe87e68e3a9af6a3ec1e3002c5ffcce705a', + 'sourceRecordsHash': '2eb34ac9112184c12cc805461f41b198e62bc6d009853324c8b9afec920dc671', + 'evidenceId': 'evidence-2eb34ac9112184c12cc80546', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'gestor_operacionalNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.gestor_operacional.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2cde084905d9ea78339fcc576e1d9ecc3166c578ed01481e702859ee85f9e189', + 'sourceRecordsHash': '69839b0b197adcd6e60c754aaddabae703ef62dd047068d3bb8f152b3ab942af', + 'evidenceId': 'evidence-69839b0b197adcd6e60c754a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'gestor_operacionalNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.gestor_operacional.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f88f196b7e3257cdb20c0fcc8d44e9ca47c46730350ce92c1b85c9fd94bb99e4', + 'sourceRecordsHash': '0571a7eadd1e98134bcbcf799db3adc4ff6a9107f7099f2c76b77850e32458a3', + 'evidenceId': 'evidence-0571a7eadd1e98134bcbcf79', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'gestor_operacionalNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.gestor_operacional.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e601f816a0eb3704e5cb9ddd8f3f01ae827e569a787dc63da39a1a0ec512af34', + 'sourceRecordsHash': '54809888a3460031f85418316073d1f51d3e25ad3ce7c59a4b934f5ff406c87b', + 'evidenceId': 'evidence-54809888a3460031f8541831', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.gestor_operacional.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5005774800056934193ca20990725edfda7924fef7fb58ad7c40d51caefb4f8e', + 'sourceRecordsHash': '47af240fcd48eab9b045331e4640b89fe4bc47a49d19fb9025c5faeef34ac64e', + 'evidenceId': 'evidence-47af240fcd48eab9b045331e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'gestor_operacionalNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.juridico.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d92b69b00f9d8f9d21a59be5a43e13afad8adf6cbe44c54bb151debbc380450', + 'sourceRecordsHash': 'b2e1458916b959d1ff847138b8fe814832415ac5db93f01f2ee4e0196893b390', + 'evidenceId': 'evidence-b2e1458916b959d1ff847138', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'juridicoNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.juridico.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b6eb5c2a648ae91d9b15ce8899529b0c34cf1c0a1acdf2147c1c998c25ea69c7', + 'sourceRecordsHash': '83792d100bc80ba926b5c7d17da03e340e446b839f7da52a60ffa1bfb5f51285', + 'evidenceId': 'evidence-83792d100bc80ba926b5c7d1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'juridicoNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.juridico.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '717491ba23a2ec3e81ffa4b52a75610ae6f6edf5a2e73fddeeeea03639321c31', + 'sourceRecordsHash': '457c071433c0c338a39cd9df682c3e4525e3371af185a7783da3756e17f8210a', + 'evidenceId': 'evidence-457c071433c0c338a39cd9df', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'juridicoNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.juridico.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3bc5329ef9353db32f54a7bfccff4622d608850d1f51266e3887abd9a8fd27c0', + 'sourceRecordsHash': 'f431d840d7d3e80103f8c6db3f6985ac3b970ed9935e47c6d2246ccd47ba0e6d', + 'evidenceId': 'evidence-f431d840d7d3e80103f8c6db', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'juridicoNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.juridico.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '96b2d66653b24c3282f3d3b3ca3381b664c058c691473ae455aabd53a74f6d31', + 'sourceRecordsHash': 'a2b1aa81238ab845b8955f3796c4012f998ba43c4019b25cf617c0a6635fe7e3', + 'evidenceId': 'evidence-a2b1aa81238ab845b8955f37', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'juridicoNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.planejamento_estrategico.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'af5f493d2c04e69aa4bd836db9dc5313063b73325b87d5b33b179fed5cbbdf9b', + 'sourceRecordsHash': 'a0fe9ba2943b1b65606a93eb2d6eea97fa0d47eede4fc2ca3784a247f4dcc4f7', + 'evidenceId': 'evidence-a0fe9ba2943b1b65606a93eb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'planejamento_estrategicoNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a9bed5e81874ebfc527f081105492f5330cda22698b9546cff4993c2f42443ed', + 'sourceRecordsHash': 'ceb1ab288edabeeb0a55623db08633b6d054b52b545619f2692329e610471745', + 'evidenceId': 'evidence-ceb1ab288edabeeb0a55623d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.planejamento_estrategico.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3c165fdb89d5b42d8322fcc8c8d7f144370b18e6e1e0b5d05f2c6549befe415f', + 'sourceRecordsHash': 'ce253970562e379b130e24f93f4f0503c6a1cce6fe92a4f03174182877e06581', + 'evidenceId': 'evidence-ce253970562e379b130e24f9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'planejamento_estrategicoNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '795a727e88e25d9dace9b512294778c7dfbf8facb18753ed0cdc716a75ed03ee', + 'sourceRecordsHash': '8200dbacc442a1f4fb96cd1fbe258f62b47d60024fc91ff7136f3d7d501d75c9', + 'evidenceId': 'evidence-8200dbacc442a1f4fb96cd1f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40a8c3f257cd468c1bf28c5826ab1c62dd1097317cc2df1b70967215f50f7b60', + 'sourceRecordsHash': 'e326cb6a5147fd51dd1d6826c56e52963d491b8f6a45db942011e4dc3832a1c7', + 'evidenceId': 'evidence-e326cb6a5147fd51dd1d6826', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.secretaria.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c7faeb29578d3a7957c1756ae3c5b11fd9f039ea67a04f9c47aa1ca29783919d', + 'sourceRecordsHash': 'ce7a53f10dcd05366e56159e0db8a8183b96f8de32182ed7045a6ab1d50a4167', + 'evidenceId': 'evidence-ce7a53f10dcd05366e56159e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'secretariaNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.secretaria.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7888fa4418011dc767643a90e6cb0fddd41ef295a9f61db9f801b4252c8a790d', + 'sourceRecordsHash': '9829a2731ae49252fcee349c0a10e56a48dcf034262875617ec7e63c6214ebb2', + 'evidenceId': 'evidence-9829a2731ae49252fcee349c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'secretariaNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.secretaria.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '18630400fc9bcb8a5a1b962f93a3f287bf1e25d21807fffb3b26c09ef0847154', + 'sourceRecordsHash': 'e27c2a9251dc1713b8173327d0a65353a671d817ad23c252261ea2b0961c262a', + 'evidenceId': 'evidence-e27c2a9251dc1713b8173327', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'secretariaNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.secretaria.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '34846f2659593dfee6225da4534370f59229ea1de779beccdcc0f5250ee89973', + 'sourceRecordsHash': 'a4c63d4977fe22b3772ec4f678b4b252e9e2d73e2ca71808cdc75c69071c2bda', + 'evidenceId': 'evidence-a4c63d4977fe22b3772ec4f6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'secretariaNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.secretaria.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '66c40e49a63d466534281e42a651e3df2e4e2644e7d98f5dc5c7658ba5e3c3d8', + 'sourceRecordsHash': '8ace6757a71bb1fb14bb2b388cb96794e67c5833e2173585cb283a74cd2f58ae', + 'evidenceId': 'evidence-8ace6757a71bb1fb14bb2b38', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'secretariaNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.suporte.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '55e773640e2f21441073982fa3f6cf33ab435c2c1b00a3d16b7b5421fd240e06', + 'sourceRecordsHash': 'b263c51956b1a9eaef37b60b06ccf8f916c4015d4c4f5de3bc3b55f13626a903', + 'evidenceId': 'evidence-b263c51956b1a9eaef37b60b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'suporteNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.suporte.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0bfb2aee3e5d7f913eddfc085a7b8f5475d863726694cbacdeb96afb20979dc6', + 'sourceRecordsHash': 'e6bbd6aa060b8937aa4fa4745637c2a61d51bd93772ead10e1e347a8b0ffef74', + 'evidenceId': 'evidence-e6bbd6aa060b8937aa4fa474', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'suporteNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.suporte.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7b0d7fc377041e539be643e0e390e59cc85eea42a17c41c776c3bc1cb77e70ab', + 'sourceRecordsHash': 'a3452f5c1e09acd5973c6d816f94011cb0e502f694c57e51b0044fe2b5e20c77', + 'evidenceId': 'evidence-a3452f5c1e09acd5973c6d81', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'suporteNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.suporte.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '775cb51c20ca7ba53de486f6d1bce7ba2db551e32d2f5a62c4dbbfe956bf8819', + 'sourceRecordsHash': '45093649610a663096f57e672f47c3a18a0ca701aef8a3bfd64ad8cc8a391ead', + 'evidenceId': 'evidence-45093649610a663096f57e67', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'suporteNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.suporte.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '892cca62f5984d65c5eb490da24dd51e098698e70d625ecda0ceb7b07c8a2395', + 'sourceRecordsHash': '0b6322d10a432869b8772b21fbf1500cf23c5af43a99755384f45f4adfee5e2a', + 'evidenceId': 'evidence-0b6322d10a432869b8772b21', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'suporteNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.tecnico.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8581c5554349872d70cfce032b318e3ab48a374d3849bf7a66952e4ba1f2555e', + 'sourceRecordsHash': 'efef18c33067274c5f1198a2105cd497b039defca3daebe9a81a86e016513e3d', + 'evidenceId': 'evidence-efef18c33067274c5f1198a2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'tecnicoNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.tecnico.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '59a7f605c549aa0222fc885238649b3d978c0cb72585d53b57cbfeecaa37a97a', + 'sourceRecordsHash': '8a48b93ae3ca4327bf894b352771b2b74aec0dd03f7601201c2ee269cde6fd3f', + 'evidenceId': 'evidence-8a48b93ae3ca4327bf894b35', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'tecnicoNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.tecnico.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c40d6a7c5846f389cb8acd75b3601000af8146ae10077cdc7c07b0ec9f97ec69', + 'sourceRecordsHash': '09e2e914611744e4e46b565eb3f3ff807ee4ad725fbafdda759bebbc09b5f0cb', + 'evidenceId': 'evidence-09e2e914611744e4e46b565e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'tecnicoNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.tecnico.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bf05c2457e35642e3be143a5c4906b6e8df803fc796917e324dace90ec0e278b', + 'sourceRecordsHash': '8b3420d0b708f9bac5601b8c5a51f769abc8caae95f7718e8c1a19637fa25ce8', + 'evidenceId': 'evidence-8b3420d0b708f9bac5601b8c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'tecnicoNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.tecnico.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a071f4cf1fd533c293333f6ce1861168c96df139e312a940045ea26a1a3d5d9d', + 'sourceRecordsHash': 'cc09e762712126e2330f7deb532957bcd41481a504d118a77a10aaad43a2edac', + 'evidenceId': 'evidence-cc09e762712126e2330f7deb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'tecnicoNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.usuario_final.acao.administration-route', + 'platformId': 'finance', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0fd81e1df2527f16a47b6bc058ad05cc8f4763b10899c62d07f4671aa52e4504', + 'sourceRecordsHash': 'dc219e8fe7c91a700dd08f141b3067d7491872e821bad507cb95bfc1703bcbef', + 'evidenceId': 'evidence-dc219e8fe7c91a700dd08f14', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'usuario_finalNeed', 'acaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para finance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para finance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.usuario_final.auditoria.administration-route', + 'platformId': 'finance', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f318f6ac626fc80097acc985b6459af2897e7e43404ae552cb6243356bbfb26e', + 'sourceRecordsHash': '33380d9bc5049dc78447e5a5798998b8fa7eb9d208ee3c060ab461fcb77ca817', + 'evidenceId': 'evidence-33380d9bc5049dc78447e5a5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'usuario_finalNeed', 'auditoriaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para finance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para finance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.usuario_final.consulta.administration-route', + 'platformId': 'finance', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '856ba9b29b6f9e6ab834da2b169594d622aa49105fdd6e6979c875838f5a955f', + 'sourceRecordsHash': '084a97c6a14d8d64739d15fe4a185973d32a8b39f3e247c001608fb72b6771c1', + 'evidenceId': 'evidence-084a97c6a14d8d64739d15fe', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'usuario_finalNeed', 'consultaState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para finance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para finance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.usuario_final.diagnostico.administration-route', + 'platformId': 'finance', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '026fea7317f25ba876fc226de6b2c92a72c72e7cafef8e7006db4953c98370bb', + 'sourceRecordsHash': 'b5854aada4824a27d8cd5eb00f73c54ef809eac3a82fcaa3878b88b67b9d58e2', + 'evidenceId': 'evidence-b5854aada4824a27d8cd5eb0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'usuario_finalNeed', 'diagnosticoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para finance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para finance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'finance.usuario_final.explicacao.administration-route', + 'platformId': 'finance', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dad9c3cff2ab07cc11f32948ca07942fa264bc6b5eb1bdd4755061f3c72dfed0', + 'sourceRecordsHash': '1b62b7f73aab864facc887b36997be7555b21602b5d2e5710c60979f99e370b5', + 'evidenceId': 'evidence-1b62b7f73aab864facc887b3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'financeStatus', 'usuario_finalNeed', 'explicacaoState', 'financeGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para finance/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider finance via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para finance/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'gettys.administrador_empresa.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '73884f8203109b5d8b6d9f7f0bf3a0d85c696043d938f71e3b5890b87ade1131', + 'sourceRecordsHash': '25b7416e2574bbceb5c7c8f2b3522c30ab4af4d9b686efa5318bfc3fd665de56', + 'evidenceId': 'evidence-25b7416e2574bbceb5c7c8f2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'administrador_empresaNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.administrador_empresa.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fb770024a98f9fbf149dd42a5e2cf11a811d886dbed7751615b7009da0e43398', + 'sourceRecordsHash': 'ff74c58a6d6f5a0bc49209ebff91c04b249eb03cff8007ea5e4aed6a7fe41c58', + 'evidenceId': 'evidence-ff74c58a6d6f5a0bc49209eb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'administrador_empresaNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.administrador_empresa.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bca9482e609ef1178a45bf9bd6047bfd8ef2bfcdc3cdb0ce57176baba5bd8b9a', + 'sourceRecordsHash': '2452ebaa3195fd63ddc718a000782b78454a30d97e2f50a94247e110d102ad37', + 'evidenceId': 'evidence-2452ebaa3195fd63ddc718a0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'administrador_empresaNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.administrador_empresa.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40b2f88b270eab47232708f4b507f923b01b69fc2b394490074a49cb6806dbd3', + 'sourceRecordsHash': '68672253cc0b3388a101a0a6acfba78151c48427b453aaacd9bf4d1f9556f0a2', + 'evidenceId': 'evidence-68672253cc0b3388a101a0a6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'administrador_empresaNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.administrador_empresa.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40aac18c595793c1cc5d1af9359ef7c4a42ceae1a18ba323823b10d2cee407f1', + 'sourceRecordsHash': 'd891f54c46914bded1d9791be1d5fdcd64fa2be548e9574ce25a5aa0ee7228c5', + 'evidenceId': 'evidence-d891f54c46914bded1d9791b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'administrador_empresaNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.atendimento_cliente.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b3b3d86f8f79952b3e2bf0902b3e12f2974064d9e544ca484a6522e7b919cdd5', + 'sourceRecordsHash': '30cd60a35dde3f005728874c822cb4f3eeee68d55a841b265c10cfe1c3301da7', + 'evidenceId': 'evidence-30cd60a35dde3f005728874c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'atendimento_clienteNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.atendimento_cliente.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd48d60a4115028e34f3d1b147b838211c8b03c3ef3567bab32d57b19414551c4', + 'sourceRecordsHash': 'b4af1499c0ec134c58f39de97c858d916435769884cd02c6e952cb0c13d6f174', + 'evidenceId': 'evidence-b4af1499c0ec134c58f39de9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'atendimento_clienteNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.atendimento_cliente.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a064aec3c1c7cd44c81161126564141887483957de858afe98faca563f836b46', + 'sourceRecordsHash': 'b006a2171a6ca1b949224bf5a9725a77fe8e6199072e7706665b2642054a7ddb', + 'evidenceId': 'evidence-b006a2171a6ca1b949224bf5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'atendimento_clienteNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0de15fb6b5a8e226597b78953438b0088ccd710e2fe0deab5583e8ab5ad766a8', + 'sourceRecordsHash': '393be80f0887c3eb2b0b9bf4ce857842cd31208530bc8e8ee3c14cef50e9f511', + 'evidenceId': 'evidence-393be80f0887c3eb2b0b9bf4', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.atendimento_cliente.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6b9ca4caaa21177b6bcc38530e4a0d13a97bb2e1a389916d619ab57cc3129dc9', + 'sourceRecordsHash': 'df6b51cb66d6324a08a1b0b9db8e1ee47d33ba87c4cd4f60dc1434e11b4c9866', + 'evidenceId': 'evidence-df6b51cb66d6324a08a1b0b9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'atendimento_clienteNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.ceo.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd4abb1114936ab5ff630730b1e95befa2d79f98b72c1557bd70250c5f16eff29', + 'sourceRecordsHash': '8c1d8133cc6af11a0de95db80e6fa2c2ac31bc5fd199ce256cf0fe7fc983425a', + 'evidenceId': 'evidence-8c1d8133cc6af11a0de95db8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'ceoNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.ceo.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4c5ff8be8ecdf3f9ac3b54d5b4aa7b4e963abd054828732802fb87f179cdf6a9', + 'sourceRecordsHash': 'd764bd0a538462b80ff313c0622b7f915a115260faa6428770a17c7d82d00e1b', + 'evidenceId': 'evidence-d764bd0a538462b80ff313c0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'ceoNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.ceo.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '450391e0265508f0a8dbf8e7836f7c2bf6c88f0708e6f95ef068201fe549be69', + 'sourceRecordsHash': '90099d4f150347ab1f7a1128d313a39d6471ce7c7b31c1cc8e42eec9306efaf0', + 'evidenceId': 'evidence-90099d4f150347ab1f7a1128', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'ceoNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.ceo.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1989053940bd8ca50a404f55b6714eb870ee2d550856fb8b61fed77d529c3d5a', + 'sourceRecordsHash': 'f670f009d44a31f9367a1c35015c4c41e4fb62571868e164091a599347890585', + 'evidenceId': 'evidence-f670f009d44a31f9367a1c35', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'ceoNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.ceo.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '62b4f126389cef041678548dae37cd11a7a4a2f154cc0e10a92979e7cad95619', + 'sourceRecordsHash': 'f38e635c9b171aa6e9f4858378576fe2738372e9bd2757808ec6e34ec59c4ab2', + 'evidenceId': 'evidence-f38e635c9b171aa6e9f48583', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'ceoNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.cliente_externo.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fcc95a4552a35ecc94394ea2ccb97da9b2c27fb549b939e7a9d8be61a4ac8f34', + 'sourceRecordsHash': '48fac947a1a18353889ba98911d0d21b9654bb272a111f9c4451f491378276f2', + 'evidenceId': 'evidence-48fac947a1a18353889ba989', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'cliente_externoNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.cliente_externo.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5b3d23d639d12e401c190beb6405635bae800c5c2dadb4d33b5f868f56ff6f32', + 'sourceRecordsHash': '77a25dc530c30a399322d0b117e10c888df18b669b9ce9ee98c59c25867ad7aa', + 'evidenceId': 'evidence-77a25dc530c30a399322d0b1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'cliente_externoNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.cliente_externo.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2ffd52aa564e41d6bf218cdc193bce2d24fa949fd19ed891b3652ef69dc3cf4c', + 'sourceRecordsHash': '909a322dbfeadd376e71a50e065bb1b9fb218b37b210658680bff5f29cdf3d88', + 'evidenceId': 'evidence-909a322dbfeadd376e71a50e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'cliente_externoNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.cliente_externo.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b63ad7abb62d4e93e7d880e6f60e27a814b50d95f64e40ee5f9d926873cdb1ea', + 'sourceRecordsHash': 'd720b747299e81faaeb40e3b1863c1092f4bcd65a604333b797eb9980ffeb2eb', + 'evidenceId': 'evidence-d720b747299e81faaeb40e3b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'cliente_externoNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.cliente_externo.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9900e0a7a7a1ef07c1a0fc5a0454a3e155b7bec106cc3c9c113f4568ab4318c1', + 'sourceRecordsHash': '44d20caa2104bb53f85abc9cfb8a1a2847758313faba8dd9ee3835efe4f8d43c', + 'evidenceId': 'evidence-44d20caa2104bb53f85abc9c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'cliente_externoNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.contador.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7432f1a7f241728218a9de7fb926682642e5f3671fbcffaf766fe964ec05bab0', + 'sourceRecordsHash': '9c8287168a83e0a06a185ac1acfeb38e5b76aceddd36d9fa90acd7a19eb122f6', + 'evidenceId': 'evidence-9c8287168a83e0a06a185ac1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'contadorNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.contador.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '73e718cddc2884d58b9b6d4fe4f93fdb83e793958c96e1a876305450de274d89', + 'sourceRecordsHash': '858d0225bcc2f5b81d879b2cce8a82f591cbe4c1252d38bfd705eb7efe74d0a8', + 'evidenceId': 'evidence-858d0225bcc2f5b81d879b2c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'contadorNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.contador.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e4a1618a823e27c8223a3046619672331b8dbe1f924f4510fb0d02cee5aaa96e', + 'sourceRecordsHash': '58a42bb0f859a78d3c92c55c615bca189706344639a535674872c1449ad1b037', + 'evidenceId': 'evidence-58a42bb0f859a78d3c92c55c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'contadorNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.contador.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2dc33f44a4c71919f94292838fc8b4edd986f7da13fe8112c58de59b4e569610', + 'sourceRecordsHash': '0841d0af5e756992c9fe0a21d59e78af44b701e1c518a0f8b6d19ddf97727b84', + 'evidenceId': 'evidence-0841d0af5e756992c9fe0a21', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'contadorNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.contador.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '07fb26448820f9292f80c879b1748b7073c94f82798d1449f43d87e7a298b4cd', + 'sourceRecordsHash': '9cddf320d13b9530dd1365bf52a1284a37eab4b0a8c41472ff8701e8105d6875', + 'evidenceId': 'evidence-9cddf320d13b9530dd1365bf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'contadorNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.financeiro.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f330a1be0cbeaffe860cec4565ac23c50a45c33a3e677f2ce391f59994b2bc74', + 'sourceRecordsHash': '77c66f38f0b242222af855e689b2bdb6198cbf7bb00dbb7e8973517f725396c1', + 'evidenceId': 'evidence-77c66f38f0b242222af855e6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'financeiroNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.financeiro.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6a467239fd1a9940203291226c4e873bac7ea0699d9ae627424071033b4742e1', + 'sourceRecordsHash': '6f579d768636a7e561843b1d0da1a1b58b5712569de7eb893d753ee7c17e8249', + 'evidenceId': 'evidence-6f579d768636a7e561843b1d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'financeiroNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.financeiro.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cb0263f7f0b241d5985a0fe27ee008b66b2441dc89c8e2d9ba3fc16cf4bce77c', + 'sourceRecordsHash': '5458cf34c8bc5cda65cbf35abca89daa891e21b2ee2a0d0c1d61371ca66d3867', + 'evidenceId': 'evidence-5458cf34c8bc5cda65cbf35a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'financeiroNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.financeiro.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a8273806beacc9c416ccd5145c934ab021f0ea351a168c4b5be5bbcbf2bb9e0f', + 'sourceRecordsHash': 'e6dca188c8549cca4d50925bcebcbae23254dd4b36b2d9831beba1db80697186', + 'evidenceId': 'evidence-e6dca188c8549cca4d50925b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'financeiroNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.financeiro.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4b2570d4b14a3f13ec7931325fffdd10e16d3cea6cc5d541c5dd9f3a055634ed', + 'sourceRecordsHash': 'a8afb10492fca8704c80ab356a4e149bc58976b902739379983ee1753f88b94d', + 'evidenceId': 'evidence-a8afb10492fca8704c80ab35', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'financeiroNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.gestor_operacional.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e51bdf3db30ed55b4f4dd8829ce663723aa7fff862d02cf8bf078304f27d710e', + 'sourceRecordsHash': '2a070552dce678eab3912dee9135e0f2832ca2077e9a1ff22432b02042c39480', + 'evidenceId': 'evidence-2a070552dce678eab3912dee', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'gestor_operacionalNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.gestor_operacional.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f11504eac6998eb6e4c697caf9f8fb591d5629f9cf4febea0c019c179d120455', + 'sourceRecordsHash': '3d95b5a6c8e609db696cf58f05c9e09860b9390ed1f0ede1561940ba83c8619b', + 'evidenceId': 'evidence-3d95b5a6c8e609db696cf58f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'gestor_operacionalNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.gestor_operacional.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3b8bdc84157c8686687b15bb1e48a22fee120e55f16d7ae36a5f342050f17c92', + 'sourceRecordsHash': 'd604572e1cc2563442bdcad163bf1f03b58bbccb11d319ccc4b5c7ba296d95fe', + 'evidenceId': 'evidence-d604572e1cc2563442bdcad1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'gestor_operacionalNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.gestor_operacional.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ff28782256e8898991c17b39c23beb4d815093bc60890711eab04b81ef5cf311', + 'sourceRecordsHash': '3b501230522c68b7ab9776fdec96e44ae9c1e0fa39f807738b173cee2a169c38', + 'evidenceId': 'evidence-3b501230522c68b7ab9776fd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.gestor_operacional.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '04b2899e2f9662d19dcc44754a97dc77e4e794e7d446bcc112eb283335d16342', + 'sourceRecordsHash': 'df3bf3f914060604b4e92fb17360195ff1c0269b90f7a716a745a9be5ed18a43', + 'evidenceId': 'evidence-df3bf3f914060604b4e92fb1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'gestor_operacionalNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.juridico.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '10919ca030fbcc68ac627de8970799b3b7a9bf94ecdc88d1fdc03ac48d4ee8bf', + 'sourceRecordsHash': 'd5231e50701c671e4d043627b040b8650f4af61efbe113b3779718a0f92394b4', + 'evidenceId': 'evidence-d5231e50701c671e4d043627', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'juridicoNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.juridico.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fccb1f34ad39661549faf088ff7f494611e2253025429d5cf207a6a176bfffbf', + 'sourceRecordsHash': 'f768c488ce1329af74f361fa5f8cf84f817db95454acf85e4d7560e9a1bf929e', + 'evidenceId': 'evidence-f768c488ce1329af74f361fa', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'juridicoNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.juridico.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '71b2b2a31891fd45638fecfd04b62d449501891d0a14cf47b8765c976cd0b9be', + 'sourceRecordsHash': '09402766b27474133cb6ca1510fb8d526f0b39f944b659e70ab0db1a87ffd3e7', + 'evidenceId': 'evidence-09402766b27474133cb6ca15', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'juridicoNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.juridico.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '84e1b158467375880562bd9ee36ef6875fea5552dd78205660dca4591ba19017', + 'sourceRecordsHash': '77bdfd2d05d143e1b43c89cc6d0cd33870fb29bf09a237eae5034a4ac70dcbd5', + 'evidenceId': 'evidence-77bdfd2d05d143e1b43c89cc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'juridicoNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.juridico.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4dbe1ab96f780403f9417881fcb9866434036d466f27aa6e20dbcc0251fa872e', + 'sourceRecordsHash': '795fdd3477daec12bf268df91ff579e4d3d96f490210669563b30d0061bc39dc', + 'evidenceId': 'evidence-795fdd3477daec12bf268df9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'juridicoNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.planejamento_estrategico.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3daebec6e75155039b95594a9decf973529730588e52f2bac392cdb23f3a6e34', + 'sourceRecordsHash': '38d829bf8550a00297414ef0d0acb8c0d04e402d42e41ab1ec6874dc4b724958', + 'evidenceId': 'evidence-38d829bf8550a00297414ef0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'planejamento_estrategicoNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '97d7fc9c512a3e8c1bbfe6a95b06125de1c7a5f7876d712391fc86dfc791baf2', + 'sourceRecordsHash': 'bf3d234661f4c32f547a3da930051be149ba82114c4478ee585d93041a57a496', + 'evidenceId': 'evidence-bf3d234661f4c32f547a3da9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.planejamento_estrategico.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '215e70a31bd3a7fe59f8fe6c26e607e38885aca4f131195cda86df95fffad271', + 'sourceRecordsHash': '011d3e870dad6a663d57a4062c79d65465e2ea96ebe7a89b25a4e6591405694f', + 'evidenceId': 'evidence-011d3e870dad6a663d57a406', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'planejamento_estrategicoNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '779093e9aec502d2939a7fdc4fc7334344a2de76e970c760119175d620649f0d', + 'sourceRecordsHash': 'c3dac11f099c50f56cbd5d41219dd058fba77c7ed6ab26008b78fb64dddcfc7c', + 'evidenceId': 'evidence-c3dac11f099c50f56cbd5d41', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6381d75cdc7de80c504035fa7b8f908753de6932da38afbdc0a3f20920bd9f8c', + 'sourceRecordsHash': '04414f3a32615914131cdfe7c119368ef2ffc3992752bc0a51d5c6190d1e41ae', + 'evidenceId': 'evidence-04414f3a32615914131cdfe7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.secretaria.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6fb6862b99bc96bea339eeb8cc1e08af84b6fbec6865db326a331c965298e06e', + 'sourceRecordsHash': '94327b22b2779d5bff7e34edba1c334cf5f18c2dc1fa9459e7558bf802acb180', + 'evidenceId': 'evidence-94327b22b2779d5bff7e34ed', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'secretariaNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.secretaria.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b7edf141f565f617cd99dec34a159d2f18c8d676ba8a3d3d2d77ad64293d1a68', + 'sourceRecordsHash': 'e5ccd903b386e7f6092a222fe6588f1c9dccde4df0068e1c52817275cdc1d83a', + 'evidenceId': 'evidence-e5ccd903b386e7f6092a222f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'secretariaNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.secretaria.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '233f6e61ac88f594dc17c515d8bc3954d83311311a2b07165c7cb5704f3127c2', + 'sourceRecordsHash': 'f5eeb9ab56584cedf7a791b7480efb40df9508613990ffd1113de32b8e33ed64', + 'evidenceId': 'evidence-f5eeb9ab56584cedf7a791b7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'secretariaNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.secretaria.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a981fd16bd6be989f9ecd421c2d5df3248ed81b296f66ebb167745f9de11282f', + 'sourceRecordsHash': '58032198566c033b5de75fbb55dc3d57f1522092b3cb83bea7ff6b3d0f8761dc', + 'evidenceId': 'evidence-58032198566c033b5de75fbb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'secretariaNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.secretaria.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '729aa9243edc868c69bc2f2ecb385b414562ad8a27cf5c802c57cfdf32a51adb', + 'sourceRecordsHash': 'df0a5ae289519c87f07728c4ea2f1d12dcd1e93985bcfb1542f346c37bf67942', + 'evidenceId': 'evidence-df0a5ae289519c87f07728c4', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'secretariaNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.suporte.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6318dc03222f2864130a37a7bdd48e8c61f9b020a37a4841b7da10e5fbef3ec9', + 'sourceRecordsHash': '1fa8898366720c482f82fff7a6c44da217b229b71fa91f303127a60aff640766', + 'evidenceId': 'evidence-1fa8898366720c482f82fff7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'suporteNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.suporte.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f278017e3540d27bc98189720db3c0a78916d81950ab769b936ff2d45e82e4dd', + 'sourceRecordsHash': 'c7611284f17bc637034ed2389ff7a5133fbdc737272a973c0eab6616672cd75c', + 'evidenceId': 'evidence-c7611284f17bc637034ed238', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'suporteNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.suporte.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cddf634de76febd0852d69115f18f58b37f075798442013ed9fdd53ade726120', + 'sourceRecordsHash': '96fc72ee34aea135b9977c6919af97387e5f4704b067b7b14959e3e071eb8848', + 'evidenceId': 'evidence-96fc72ee34aea135b9977c69', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'suporteNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.suporte.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '37971583e904f61b2b7c0f2a7a99718d664d47b9f2326c3e84a056718c048cea', + 'sourceRecordsHash': '8640a02eec804a6a089146f282831765410e1df957567139e2e6e9069fe0fc13', + 'evidenceId': 'evidence-8640a02eec804a6a089146f2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'suporteNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.suporte.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3f275d42ab3f14b4dcce3bf7b2c7db60dc65b67c37fa07a6e1c62a7202f85211', + 'sourceRecordsHash': '727437b36d4b9a4df558d3b556adbf3e6753353273073301c6a7a83af4b300f2', + 'evidenceId': 'evidence-727437b36d4b9a4df558d3b5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'suporteNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.tecnico.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd2524ff242095228e7a5efcfbb7aff414e9e776ea6868daa58cdc6112943de43', + 'sourceRecordsHash': '86645cd7102abc63bc1ccc20be087a9c594c2b9bf947ee6916219a1d90d3361a', + 'evidenceId': 'evidence-86645cd7102abc63bc1ccc20', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'tecnicoNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.tecnico.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c4c4db569e7dca029bee1c6c3b449c1a9e4f2eb4bd2605bf3221049585f3faa3', + 'sourceRecordsHash': '59883651fb5cb75143e610fcfd7718a52054f08bccf66e4cdd02ec9f40b1a39e', + 'evidenceId': 'evidence-59883651fb5cb75143e610fc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'tecnicoNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.tecnico.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '276535ac6c566775433d4c93c16f3054165df244156cbb29740e2b4b10e43761', + 'sourceRecordsHash': '05f0ea8b86519dffe05a5cf034b2f55d50c9efec3379a6f07925d5c83f8f0778', + 'evidenceId': 'evidence-05f0ea8b86519dffe05a5cf0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'tecnicoNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.tecnico.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7d505d646242663f0831edbec3b807164bf94b5978d6e9fd01aececd5e38b3a8', + 'sourceRecordsHash': '7ad64f7c4a2682a2577d2025d66cf46a432beeec249a16cfd796d3807a731167', + 'evidenceId': 'evidence-7ad64f7c4a2682a2577d2025', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'tecnicoNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.tecnico.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '36346551d047b18fb1f7bf32eac97edae960f2fa74a901e65e7344c63f77d21b', + 'sourceRecordsHash': '340843819c215fff8d5b985e4ea580036d76805ff98dd2e7832ebaed5d19383b', + 'evidenceId': 'evidence-340843819c215fff8d5b985e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'tecnicoNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.usuario_final.acao.administration-route', + 'platformId': 'gettys', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '745aa69a69925f2dd3007a5656804b0fc213362afa33d527db59b319150cd909', + 'sourceRecordsHash': '20bf6594a2b93dcec91801423b4e7647659a558c27873a6401de4fb265a65df5', + 'evidenceId': 'evidence-20bf6594a2b93dcec9180142', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'usuario_finalNeed', 'acaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para gettys/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para gettys/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.usuario_final.auditoria.administration-route', + 'platformId': 'gettys', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4367f25abc243a6025a430d3f2d146063bfd6f99416f77bb6bdaf4f0f51e01b9', + 'sourceRecordsHash': 'fc99fbe73e29bffac08aeacda57eb52c3decc23c91c31e51db158a1dfbb94f41', + 'evidenceId': 'evidence-fc99fbe73e29bffac08aeacd', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'usuario_finalNeed', 'auditoriaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para gettys/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para gettys/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.usuario_final.consulta.administration-route', + 'platformId': 'gettys', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0b0aa1450cd3dd361939178b350adf0a6c70cdfd481fcfefab7adba541e64633', + 'sourceRecordsHash': 'e32bdb644ccf4491c28ee070f42ebb776fa7f6c581250004e83405e7acc10d04', + 'evidenceId': 'evidence-e32bdb644ccf4491c28ee070', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'usuario_finalNeed', 'consultaState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para gettys/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para gettys/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.usuario_final.diagnostico.administration-route', + 'platformId': 'gettys', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c13bf5263bba1cd128590e8198341793c100b5cc582743fe0798d9fc0c605191', + 'sourceRecordsHash': 'b22b17776cb3cc1b7d39ec2eebc31fe218213e79af0cd5b8c89705f9b0d47c71', + 'evidenceId': 'evidence-b22b17776cb3cc1b7d39ec2e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'usuario_finalNeed', 'diagnosticoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para gettys/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para gettys/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'gettys.usuario_final.explicacao.administration-route', + 'platformId': 'gettys', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d004b189f5b39c142fed7c2b4ce2889b25b623c1169d9935e883c855dae7d20', + 'sourceRecordsHash': '4c39c4bb51b1b5307d788fd336caaf5b16e7b1ea4489186358dc2af8de6760e0', + 'evidenceId': 'evidence-4c39c4bb51b1b5307d788fd3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'gettysStatus', 'usuario_finalNeed', 'explicacaoState', 'operationsGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para gettys/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider gettys via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para gettys/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'identity.administrador_empresa.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cc5b75c26ea7fe1fde0127788f000ad33f1b544cd63ead2476f07436547b4586', + 'sourceRecordsHash': '4dc02904b772d72785b85b39a3a7cce10f918e1973cfc2fbe2e6a875adeefbfb', + 'evidenceId': 'evidence-4dc02904b772d72785b85b39', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'administrador_empresaNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.administrador_empresa.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'be7fba2d30ffdc2344b685491f068650551ba4a8b746ac35ff582b3736bb9931', + 'sourceRecordsHash': 'da1ef5ca4ea37101298439bfebb257d9b9f6449496d99f820b540af78cd0e6b1', + 'evidenceId': 'evidence-da1ef5ca4ea37101298439bf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'administrador_empresaNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.administrador_empresa.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '815d22e81c85c522c52b052e2547d8cce03678629bdd29eb93bc08a25084c58f', + 'sourceRecordsHash': '3e5363ef34f5582d02d902f091b233ec6b64c908af79e64f27790ca0ee5f3eca', + 'evidenceId': 'evidence-3e5363ef34f5582d02d902f0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'administrador_empresaNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.administrador_empresa.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8c22ad5acd4151f1b13bdb2832612495e451ea15de6fde9ae50dd2d6127fc99e', + 'sourceRecordsHash': '01da00d8c640650b428b0a9b3f700edf57fdb6b19336e3fbec8b9b3a18100831', + 'evidenceId': 'evidence-01da00d8c640650b428b0a9b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'administrador_empresaNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.administrador_empresa.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7f117a5a4a4ac1e8571cd6e237a880f755a57591cbcb636fec59cac8d8154f4f', + 'sourceRecordsHash': 'befad8975ae7b9df70d0d3cfa180942baadd620ea91cbd7697f279104ff45211', + 'evidenceId': 'evidence-befad8975ae7b9df70d0d3cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'administrador_empresaNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.atendimento_cliente.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '825b57ec5afd1bc4d8c821cfaf5ffec076d1e3be8ac18ad7c5eb1cf1e3fc8dfd', + 'sourceRecordsHash': '0bf435d17a46773aeb0064e470a1d665144b5dcca86f1e26450d171bde69aa2c', + 'evidenceId': 'evidence-0bf435d17a46773aeb0064e4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'atendimento_clienteNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.atendimento_cliente.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd5b5b5652df67f95f84cd01f0234d8cde6787b7a075d6b634c222a9ae28f2816', + 'sourceRecordsHash': '006dcc2fe482730a79d747cf13a98f469a400b1ea8ad14e64f401bd16f56e225', + 'evidenceId': 'evidence-006dcc2fe482730a79d747cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'atendimento_clienteNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.atendimento_cliente.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3f1ed2943d7e07d23909390a50332f93c5104999b34fbd1e41fcb23ef29a6194', + 'sourceRecordsHash': '1004a476fb20e977be59f5b342ad1357e46f8f94267f2cb17051ebe0eb0a1da0', + 'evidenceId': 'evidence-1004a476fb20e977be59f5b3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'atendimento_clienteNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '78791f60a1f25fbcad4ab06cd7a8bf1da9aa07e3bfc10527fcdd376563c7622e', + 'sourceRecordsHash': '8d356f4a0dce06848480c5deea36f696092350128c17b8b26dc908d430c1e6e7', + 'evidenceId': 'evidence-8d356f4a0dce06848480c5de', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.atendimento_cliente.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f5a3be5150c6d0e26e5df3e5a673ad0f55b338522e53716620495a880ab4544e', + 'sourceRecordsHash': '321ad6381d4bf570d31360183af1a06bddb38ed228a4512b14c76b8edfc8130b', + 'evidenceId': 'evidence-321ad6381d4bf570d3136018', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'atendimento_clienteNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.ceo.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3bf4ac3c875a6b66f715203dd1495641c248d7f98ea8046097b22b93b809ecd1', + 'sourceRecordsHash': 'ac33883476d87010a6cf5ebeffe629ce9ebd0d8aff07827ba58ca794099a04c8', + 'evidenceId': 'evidence-ac33883476d87010a6cf5ebe', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'ceoNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.ceo.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'eb69ed691c88473a9dc7e426d6cb75d62237eac7d772135a126527d1bf6aaee1', + 'sourceRecordsHash': '13b66d3b020af13c5ad62780252d4685dfc44756009d6003862d255b8988b695', + 'evidenceId': 'evidence-13b66d3b020af13c5ad62780', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'ceoNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.ceo.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '46b6023a30fd71a9ff7d54b06805a9a7af59a4622500123dac156661a93225d5', + 'sourceRecordsHash': 'fe1cb616738318f6c49dce26e74b9d2662f76d29fe41c28ca9c85f13baab01e0', + 'evidenceId': 'evidence-fe1cb616738318f6c49dce26', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'ceoNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.ceo.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9825072b47c85f5a6bdf6530c45ff00d6142595aac937e0783d26b4f6dd324f1', + 'sourceRecordsHash': '1811f0739e2b978403f424f3ced9c64af524db37bbbaae590f4c68efdf3101b5', + 'evidenceId': 'evidence-1811f0739e2b978403f424f3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'ceoNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.ceo.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e9ac1ab75ac540a931b1bc97bddd5eb277663e081d0aa6390348028566aa864b', + 'sourceRecordsHash': '3eee024d970981ba1c7da8896f15fda621e04d6d99544c0ad6a9783834d01f71', + 'evidenceId': 'evidence-3eee024d970981ba1c7da889', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'ceoNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.cliente_externo.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd0625025450874cbda73ddeecf1dd2b89c0dc9b4351278f79381f244bcd9ccfd', + 'sourceRecordsHash': 'f786693279aab920314e158b7a5ccdbfd7bc404f327c046f8e771cca5f73b9ee', + 'evidenceId': 'evidence-f786693279aab920314e158b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'cliente_externoNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.cliente_externo.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f29a7a16607d2498049ab40a51086215cfde9d98b5d962238928924cd4ea6e76', + 'sourceRecordsHash': 'e33ac64480b6a2417509ef9b483292b246858ee18b95d90a1f08217724b3533a', + 'evidenceId': 'evidence-e33ac64480b6a2417509ef9b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'cliente_externoNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.cliente_externo.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '144ea493098e01984e07765aca75f21d25e138d3bc037d52a6e966da9702aa21', + 'sourceRecordsHash': '7f56faf92b895123640ffc02c0a9bffb0ba7f15971a043dde03f49fb42757dd1', + 'evidenceId': 'evidence-7f56faf92b895123640ffc02', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'cliente_externoNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.cliente_externo.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '079d4d7b6f43ce280fed3a8b04ae38d62366a1768557e0a5f8238fd47def60a2', + 'sourceRecordsHash': '0b10356d8ae58d79a38c28336f30a17216dba4df9d8aa77e8f8a55c7b20837b8', + 'evidenceId': 'evidence-0b10356d8ae58d79a38c2833', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'cliente_externoNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.cliente_externo.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '03b3e619122bfcdb9e9c98c72eac1508b9910d911d4ca3333e085d18f2bc35e0', + 'sourceRecordsHash': '4530c1a8e33b231547fdb89e77352508835cbc2ca5355111b028ef40228cc407', + 'evidenceId': 'evidence-4530c1a8e33b231547fdb89e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'cliente_externoNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.contador.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8cb3e701cd7f0e3addce13a90ec2e502013c93b2c7ba90f87346cd89ca70d90d', + 'sourceRecordsHash': '69085c673f4b4097d228d7d91a4865a110b5ae8a3ddb199928c6331cbf4d3dd9', + 'evidenceId': 'evidence-69085c673f4b4097d228d7d9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'contadorNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.contador.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ba2a3509cddfbe15ce7ef6af4ad6e68686a025e125fd9585bd1bfdfe0b14943', + 'sourceRecordsHash': 'c7205ded04028af09d882bbadd720fafa14eac34d7f88a2565f28715c07a7245', + 'evidenceId': 'evidence-c7205ded04028af09d882bba', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'contadorNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.contador.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a26e300aad4c9a9ade661b908b3a7eacaf27c7c53eeba752fdbacdd445cdb4fc', + 'sourceRecordsHash': 'f575a8b45c0e7eb9327362e4e6e573594f1d743350790036c9439a525f65b2c1', + 'evidenceId': 'evidence-f575a8b45c0e7eb9327362e4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'contadorNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.contador.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ba9fdb8f2eca4f3df948da6d1b26b57e91b5f4eb89837c68f9e8e0327e53ca0c', + 'sourceRecordsHash': '278037569d638926352ced9112b74b3741ceb21a98f9798e7e0f2a00e72f8866', + 'evidenceId': 'evidence-278037569d638926352ced91', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'contadorNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.contador.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4027c65f254a5ab1c1fafcdc84c854fc4109d20f4af790f47110dcf5645690db', + 'sourceRecordsHash': 'b4461c22e62ceb76791fc55ea03613435c4e62641fbed66b1dd02973c51caf85', + 'evidenceId': 'evidence-b4461c22e62ceb76791fc55e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'contadorNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.financeiro.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9318d6eb45b879e86d177a3ab0576378cc302995a5214b6af3f781ada84408d9', + 'sourceRecordsHash': '4f88aad7a1314b20adedf0f96c44665f3ea552aa5b083a03b5c065f96b4bb357', + 'evidenceId': 'evidence-4f88aad7a1314b20adedf0f9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'financeiroNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.financeiro.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd92cb804a6b3bb2ef9bbff01c19e969bc9cbe7d782b109f5974289e70cf94fc3', + 'sourceRecordsHash': 'd22a7e4f0b703db7da643f664257ebe1792018c8f3f679bb444c9b4cb0bb9bc2', + 'evidenceId': 'evidence-d22a7e4f0b703db7da643f66', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'financeiroNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.financeiro.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '568d6110e8cd7d433d8248e98261b9b9e8a2f3a54ee7557a31b81f6f89b4e13b', + 'sourceRecordsHash': '4560a5ac050bd57a423e27ee84017bde94e59cd4ad79f553b35c994973ac9f7d', + 'evidenceId': 'evidence-4560a5ac050bd57a423e27ee', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'financeiroNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.financeiro.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a4939e22e9710b12f86b25b4539bd0758e011f42c37384a39b8decdd8f82657e', + 'sourceRecordsHash': '61bbd728827f02caa67d6c5358397582377978e765ddcdf270a4a18aeaa82613', + 'evidenceId': 'evidence-61bbd728827f02caa67d6c53', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'financeiroNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.financeiro.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '13667b05c2e711aaa7093c38250fe401b252e90c18420883357bb627d9be5c6a', + 'sourceRecordsHash': 'a2bdc0e55bc0477399849334cfd388ef163f025cd63d038e22cd2a83501b3883', + 'evidenceId': 'evidence-a2bdc0e55bc0477399849334', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'financeiroNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.gestor_operacional.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '560218129d96e6efc3da18f7d7e56794d5554cd5a1067ff6ce360c7c68c0caee', + 'sourceRecordsHash': '40556d0a41d3fdbca8fcbad2ebffc40bbc45f41df057315e128b912af34fa3e5', + 'evidenceId': 'evidence-40556d0a41d3fdbca8fcbad2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'gestor_operacionalNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.gestor_operacional.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '072fd16ca47b7e8e5f708945fefd0aeb608ac6961bd6146d1bf32bd684efc9f3', + 'sourceRecordsHash': '1e0d415c0bc1d7e0a364490207ae809f0dc0f1a5e386b4da7d0beac25a44c746', + 'evidenceId': 'evidence-1e0d415c0bc1d7e0a3644902', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'gestor_operacionalNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.gestor_operacional.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3211dbfe06f8190530f09f7b64d1b0dec88790f0a079aadc54275785f9aff6e3', + 'sourceRecordsHash': 'eedef3c753e8b724fca478b0e0be04438c282153e12199ae6d0b18bd080d20f9', + 'evidenceId': 'evidence-eedef3c753e8b724fca478b0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'gestor_operacionalNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.gestor_operacional.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '52016df1cee96226dcf41187299e605b01d15dffcfbfcc144deb59740838e008', + 'sourceRecordsHash': '0b2e4b9005b91904bb8df555d487e4747cd7939e4dc600bfab9981f0aaa0ff01', + 'evidenceId': 'evidence-0b2e4b9005b91904bb8df555', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.gestor_operacional.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7fa7acd6cafc20eef0465bc713507c333e2f4d0baf90682d42e73e94d81605a7', + 'sourceRecordsHash': '2524e76e9ebb0d8ada4029c31b76655b5fb2ddd6e65c0cd5396253861537f6b5', + 'evidenceId': 'evidence-2524e76e9ebb0d8ada4029c3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'gestor_operacionalNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.juridico.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8dd8605da3d3e4aa931d7cd6d6280c51497b0f536c5ff5f7d542ece4d457ab3f', + 'sourceRecordsHash': '7dc304656c3a6625bd9a1db67d6b03f079b038f458479467c1e5743bd617d5e9', + 'evidenceId': 'evidence-7dc304656c3a6625bd9a1db6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'juridicoNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.juridico.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '893417f384c71e58e956ffc81269a7e2cb89e85175b2e15912fc4e13361991d4', + 'sourceRecordsHash': 'dd607566444c58d62079882bedde81be65fdb2b75c5d181b63ba70eef7a19d8d', + 'evidenceId': 'evidence-dd607566444c58d62079882b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'juridicoNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.juridico.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '03bf6f1148cc0e71954df4c03b075ee604c2b1267a943f781acd86d61db7bbd6', + 'sourceRecordsHash': '8e2f32b43bbdb0e609644e1ea2b7d024bb56cf8a40959308f6901a2c64afd8c1', + 'evidenceId': 'evidence-8e2f32b43bbdb0e609644e1e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'juridicoNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.juridico.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f44fbee25c0afb77b0d765c6d92fee68eaf5c2d0fabe5e96f112a21f03629fc3', + 'sourceRecordsHash': 'e4a5641bf3345306d74aa4c4e5b00660e24be4e4753cd25b668247721f309654', + 'evidenceId': 'evidence-e4a5641bf3345306d74aa4c4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'juridicoNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.juridico.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8e015ba7588e9ac8e395b2e6c99e4272933875d7c45dd4781345af71c011433e', + 'sourceRecordsHash': '144e72deea9ee28826f57f606582d8f4efdb858d901a389b17cf74f0b31c5db3', + 'evidenceId': 'evidence-144e72deea9ee28826f57f60', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'juridicoNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.planejamento_estrategico.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c38c97f3cefeadf3a9081967e275ab8dc7cc3e6186bff476171ba18eaa207509', + 'sourceRecordsHash': 'f18b017d7fbd2ae64c2eee1963ca5727e82d1a2a7164aa721b7245e4dd5fd7dc', + 'evidenceId': 'evidence-f18b017d7fbd2ae64c2eee19', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'planejamento_estrategicoNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4dbc89b9721238d7a28dd71bc377709f9632f5b90f7044b675298a3b78aa9fe8', + 'sourceRecordsHash': 'dcc6021bef0055221556da2d6080344415d96cebbcc973d3c336d28c87ee2f02', + 'evidenceId': 'evidence-dcc6021bef0055221556da2d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.planejamento_estrategico.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd5a65ecbb273f914d97411fde09ae0030acaea4ef6be4e7e09b30f490a921d80', + 'sourceRecordsHash': '585a1feee847a4498d471fb975946cad471fe4c89eaca1ab014f41d24ced696a', + 'evidenceId': 'evidence-585a1feee847a4498d471fb9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'planejamento_estrategicoNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd60ba2469db570ffd2f2c2b8ff847113f958d45a2edc4af977a296aad2a51d64', + 'sourceRecordsHash': 'b3d0145d29e7557c6c02b4224fe2e1689b78b05c0ddde5bdab8ae4b249e8de4d', + 'evidenceId': 'evidence-b3d0145d29e7557c6c02b422', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3e19ef89c9d01f8ef8c66ae906976c6973f1abf91cbe9fe433ab200ebeda9ad4', + 'sourceRecordsHash': 'b5fb2d19859b44b18a802ba8e711e3db0d7b9f36e6465b6d0668b8eb01211dc8', + 'evidenceId': 'evidence-b5fb2d19859b44b18a802ba8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.secretaria.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f1bb3076f160fd25f5f329299867b3ae5cf2b502ca13f2ffacc0e112fef9abc2', + 'sourceRecordsHash': 'c32a37aebf3a2112dd170ed3a8532ba774a8cc06fac30290d9c391fa2e2f19e9', + 'evidenceId': 'evidence-c32a37aebf3a2112dd170ed3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'secretariaNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.secretaria.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8ab6f4e885d5eb0466c2c2d159eaf9a8e08d2df3a344af16489a6b31670fb426', + 'sourceRecordsHash': 'fa9a05f5dfe7936ff0e147e2607932612d2b2e9a336019f089d7d589957e4d10', + 'evidenceId': 'evidence-fa9a05f5dfe7936ff0e147e2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'secretariaNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.secretaria.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '31a283ca1ca174ebc6c437fedb7fb0ee09b2b0431e56021b0718b30c977d1e55', + 'sourceRecordsHash': '13383f8f820f52c96cda525a16cbd4ce232e53b1dfff7ffa4f8651b641e788d6', + 'evidenceId': 'evidence-13383f8f820f52c96cda525a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'secretariaNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.secretaria.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6da3bbb5bb32eb547aaecb8fc373002b872ae10373a83297912c62083afa3c38', + 'sourceRecordsHash': '70d96fa84f56c71822f9acdf5db804a0c3b432de86ac8abf682a90923de2bf1d', + 'evidenceId': 'evidence-70d96fa84f56c71822f9acdf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'secretariaNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.secretaria.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '89d1ac5427f2d9cccdf332dbd021760c7ac1ea271edba6a1593d6d9a7c056fad', + 'sourceRecordsHash': '77088beb55f58f40cca994cf976f042b60af466783149d81189403d180430de0', + 'evidenceId': 'evidence-77088beb55f58f40cca994cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'secretariaNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.suporte.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6c30c8bdb99a95ebd3f06c25106e05c74ae4a6973ef79db5247ae16f489de541', + 'sourceRecordsHash': 'd2fcc1811f030c1345b4f619b819f5b10e90686cb4b7f9a903af5614f323d5c0', + 'evidenceId': 'evidence-d2fcc1811f030c1345b4f619', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'suporteNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.suporte.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e4baefa88a4a3f936c763f3f8db3db3cae5f34b0c134d38715dd77e81eac460b', + 'sourceRecordsHash': 'd2f73bb5280d8dbee8e58268a44f3541b2a4f882c269d760a82f0423bdebb9cb', + 'evidenceId': 'evidence-d2f73bb5280d8dbee8e58268', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'suporteNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.suporte.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7515b9954fea5a461055c99205efb1ff0e6f7af1b5748bbe3a3dae7cfb35b435', + 'sourceRecordsHash': 'f9e103968510e03fbe5bf8a3cc2f8db98951b392a202a586c2448c5ed8235c61', + 'evidenceId': 'evidence-f9e103968510e03fbe5bf8a3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'suporteNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.suporte.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9164eeebd65af1fb5ebfb1acaad204ea7d6aa90b5d0e5cde0879877ec502edc5', + 'sourceRecordsHash': '1265e85b94d7619c5436764fe95ae068dfc7ea3aa1a666661acac13b9ac101e4', + 'evidenceId': 'evidence-1265e85b94d7619c5436764f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'suporteNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.suporte.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '230ba24f3f79784badb296087f3b47cd711976cdf4249e49512181912d05a004', + 'sourceRecordsHash': 'e69ba1fa120172f4213f589fe602f3a6165c4e2344fe3022207eda1bf3ff3586', + 'evidenceId': 'evidence-e69ba1fa120172f4213f589f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'suporteNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.tecnico.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '689df4601c2f5f850a27571f27a5f3a12496472b30b4816806b83cb2c1d0db54', + 'sourceRecordsHash': '0f3801c56cb4b08f947092c4fdff1227bcb3b9439cab320394946eaf864a44b8', + 'evidenceId': 'evidence-0f3801c56cb4b08f947092c4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'tecnicoNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.tecnico.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '89e30186ca2b65c8c534aafc7fc904ecf71b3d187c4bca5658efc9cce2ab79dd', + 'sourceRecordsHash': '31c413b0232e71b4710e632788f3845675ebd2547d7a86f37c51723b167dc9d3', + 'evidenceId': 'evidence-31c413b0232e71b4710e6327', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'tecnicoNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.tecnico.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '489565f2b4b727603ccd54661436232c0af53fc753db4640f7224009eff2abf0', + 'sourceRecordsHash': '0c7cde9a47075cd3abfd2fe1da70e39171d3afccd96c260b75f87e0074ca08c2', + 'evidenceId': 'evidence-0c7cde9a47075cd3abfd2fe1', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'tecnicoNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.tecnico.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5a189035276dc15d6546bc3f8a1de94ae0ef3461cf89b47da5fc90c264841970', + 'sourceRecordsHash': 'ce0375ee4b7b18900bd669b64302f46bccc18a15c4e0b97876a7c958a199ae12', + 'evidenceId': 'evidence-ce0375ee4b7b18900bd669b6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'tecnicoNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.tecnico.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '99ef9db9e79a1201b931046ff734e9022bb53708d6072ce1c6ac95f9210bf8ab', + 'sourceRecordsHash': 'c6c0b7722280588a9ace78a00c6cfb5e54bd24f84ec98779982c7d8760aacd4c', + 'evidenceId': 'evidence-c6c0b7722280588a9ace78a0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'tecnicoNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.usuario_final.acao.administration-route', + 'platformId': 'identity', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c369d388c66adca83440ab6b935fd5e57fb5d0df7f24743730a72ed2f4cc18d6', + 'sourceRecordsHash': '62f0e127eb35ae8c1fb03f707b1c30709e02382d63a5528297d66a9363b2ab02', + 'evidenceId': 'evidence-62f0e127eb35ae8c1fb03f70', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'usuario_finalNeed', 'acaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para identity/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para identity/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.usuario_final.auditoria.administration-route', + 'platformId': 'identity', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c6a3ff55803c03dbe2ace507ed58126c718f833a06dd94b40ca101c6a07f6949', + 'sourceRecordsHash': '1491483488df118ee45f5dd7e929325f96754a076fe295eedbe84ae1f87bbf2f', + 'evidenceId': 'evidence-1491483488df118ee45f5dd7', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'usuario_finalNeed', 'auditoriaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para identity/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para identity/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.usuario_final.consulta.administration-route', + 'platformId': 'identity', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3f53935b20ac51a1480fd99f4f8ffd1240f3c6af49d26c4c80fc83352447a733', + 'sourceRecordsHash': '2b914cf3641b17869bfa4ab95fa5c22aee3319c8b030f9d639d7ecd13772cca6', + 'evidenceId': 'evidence-2b914cf3641b17869bfa4ab9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'usuario_finalNeed', 'consultaState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para identity/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para identity/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.usuario_final.diagnostico.administration-route', + 'platformId': 'identity', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4a06b28f99914a17eb15474289caa51c8cab9c617ba5929eb0023fe6f234b960', + 'sourceRecordsHash': 'd8711be668a97f11c5a7380c7d8f134d22fec936d3f9e4ee1852fafdb9d30f67', + 'evidenceId': 'evidence-d8711be668a97f11c5a7380c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'usuario_finalNeed', 'diagnosticoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para identity/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para identity/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'identity.usuario_final.explicacao.administration-route', + 'platformId': 'identity', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd7a0d86055063c3b24f0dc00b759b2152ac01773a87b8330ed3ea0ad7dff28fb', + 'sourceRecordsHash': '5f0921c673c81cc1ac321ef70bb0f608d900242861a25e5d15b1d3c17d93deb6', + 'evidenceId': 'evidence-5f0921c673c81cc1ac321ef7', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'identityStatus', 'usuario_finalNeed', 'explicacaoState', 'securityGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para identity/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider identity via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para identity/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.administrador_empresa.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '238ef044de01c45e78fa69e73c97bb4731f8592a50019a1c5b1f716c78da497a', + 'sourceRecordsHash': '71748ec665af126c10b797c82b0fc8a4ffc18b95e61d875632a61b2da5654c66', + 'evidenceId': 'evidence-71748ec665af126c10b797c8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'administrador_empresaNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.administrador_empresa.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6895347f5bdc299208c1f0a9b4fd5aeeae18666d8cf58e192a1d672096facdc2', + 'sourceRecordsHash': '3de077a4e3cad9654d7400b81442534e5aa8c2d8515f916b766dd8231f9a4cfe', + 'evidenceId': 'evidence-3de077a4e3cad9654d7400b8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'administrador_empresaNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.administrador_empresa.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '792dc7806959395d7878d20e51407954e62624658e9b710db277886bc76371fe', + 'sourceRecordsHash': '8f53890e9662038851171eeebb3ab31785ef5019a78d173b354dcc4addc1f715', + 'evidenceId': 'evidence-8f53890e9662038851171eee', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'administrador_empresaNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.administrador_empresa.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ce1c632e559b3bc5e4aeb2d09eca78e8130244c296d91cc8357ec3cedbbe66ac', + 'sourceRecordsHash': '7c3d71082956a95fff719b883f75938e58edbcd77c4007fcaa4164a0d9663dbd', + 'evidenceId': 'evidence-7c3d71082956a95fff719b88', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'administrador_empresaNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.administrador_empresa.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '76cff27f5467a4b4ba0fbf2de1eaf57cd7f5e57216b610844607a3ec78b4a29f', + 'sourceRecordsHash': '54c5e6268ed987fb0af8734c9841f3986307622e13eed0d771467a51e1f52289', + 'evidenceId': 'evidence-54c5e6268ed987fb0af8734c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'administrador_empresaNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.atendimento_cliente.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ef1d4da5c77aea3fbff95ef686cc6838e8091003d79e255dd1aa255e66f54bf', + 'sourceRecordsHash': '96381c4e36a716a67b6c708db21af8bc9c112aba831b23f55f906b3588b6d052', + 'evidenceId': 'evidence-96381c4e36a716a67b6c708d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'atendimento_clienteNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.atendimento_cliente.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1ee0313217f96ab3c8608d5126892b0914e9ed7c2b270b0b0c29a37e97f02211', + 'sourceRecordsHash': 'e0e493914892c32cc74a6dab0aea8e5c34fd174758a5ff0d1864471afb3d94c3', + 'evidenceId': 'evidence-e0e493914892c32cc74a6dab', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'atendimento_clienteNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.atendimento_cliente.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b8fb284304bd0a39d2baf43bf0d8b8dd1b9b54f633ecdf805d5f48133dd5610a', + 'sourceRecordsHash': 'de0b904c230ebff3c1ab07d18c6cd88c92679a8bf99477f3a76468595eb11981', + 'evidenceId': 'evidence-de0b904c230ebff3c1ab07d1', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'atendimento_clienteNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e15c5b29ae583edd8c499c7fd56645dd90588b18b6cadfff97cb2b35c204821c', + 'sourceRecordsHash': 'ae2680aee85f10cea512891b6e43d01296f71d8d80cf47401a3c8b1764179ec3', + 'evidenceId': 'evidence-ae2680aee85f10cea512891b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.atendimento_cliente.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ea23021e3f758adf0581143a6f48ed50e4a2fcd49aa807b768a8eeb33117324e', + 'sourceRecordsHash': '8c4c77de81370500e1ede9801142de9cab8bb6386b434b9e53e80776b272e000', + 'evidenceId': 'evidence-8c4c77de81370500e1ede980', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'atendimento_clienteNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.ceo.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8221c5b1c30c604ed3b2068ea34174f77c5c0f7c4c3204c082869de5ec7bc8e3', + 'sourceRecordsHash': '48c50724541aa215fd8d763cf8087a2fab77476eadaac60958650199f83ea200', + 'evidenceId': 'evidence-48c50724541aa215fd8d763c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'ceoNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.ceo.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1a29e5a01a0d808c2769ff2fe13768253076c8913924f3dc46c5d3cc2e7c4004', + 'sourceRecordsHash': '80de1ffd669c9da1d6de38b82c335389b174ba690a5fb8a58c48320410bf2c19', + 'evidenceId': 'evidence-80de1ffd669c9da1d6de38b8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'ceoNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.ceo.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6e744df3be0b0d8c1f1528d0b2e44a2ab57e17f456d2b74c3f3cddf327ed6901', + 'sourceRecordsHash': 'ae35c606394bc6bc91029f1372d9a02c095ff51f80b0fab4fabe23e10e240ca1', + 'evidenceId': 'evidence-ae35c606394bc6bc91029f13', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'ceoNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.ceo.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '712dec8ded9ab420904359951da63fe612485bf3506361596e6e4a52b8d05690', + 'sourceRecordsHash': '604df2ef6b14d00ef7c8b3cf403258c04c453f1557a4ec0accce850c3f520e60', + 'evidenceId': 'evidence-604df2ef6b14d00ef7c8b3cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'ceoNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.ceo.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '752ba58c728fe4d51411cf08c8359bca1d71836b94baab96f31624db4bddc68e', + 'sourceRecordsHash': '366dff8a1661d9bdc3edeb98ce532e47f9b273dc3faf39321d12edee18a9c30a', + 'evidenceId': 'evidence-366dff8a1661d9bdc3edeb98', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'ceoNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.cliente_externo.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0fd3c565d6b3a2c842e3b94625f2f81fa7d572c43d5823861305c516300f5ed5', + 'sourceRecordsHash': '5df244d34e4246ce34b5e4d47e7c0670edb2eefc9dcb42912ff2d3e95ca2f748', + 'evidenceId': 'evidence-5df244d34e4246ce34b5e4d4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'cliente_externoNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.cliente_externo.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a1f961d6e65d9fd084a2949864258ea771091fb8e7381d37a436c55fb37114dd', + 'sourceRecordsHash': '72995a713a20b24f6c67f28f2e82d84fdb9221836968a7fbe5d1835dcf09b430', + 'evidenceId': 'evidence-72995a713a20b24f6c67f28f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'cliente_externoNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.cliente_externo.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9598a171fe3d7b50d000f9802b4f28c4739dd2e1300e4d13f6b7e3954f561271', + 'sourceRecordsHash': '832fc963fbaa5ec8fe75f6d8f2af1f330f95c8ae33bc38be57a18ac2a2da0fc3', + 'evidenceId': 'evidence-832fc963fbaa5ec8fe75f6d8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'cliente_externoNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.cliente_externo.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '96120816d0e677d2de3061f88555aa5ea0292434b67a548ea2f28a89f4fa990d', + 'sourceRecordsHash': '364e7321b8725a0dc884823c877382a01da866129aba97c12667243c7c063114', + 'evidenceId': 'evidence-364e7321b8725a0dc884823c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'cliente_externoNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.cliente_externo.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6d27a998382e68258b560a6c7c54e94d7bd0e6f67892c4d35aed6ceb3f5598d7', + 'sourceRecordsHash': '592878b1e05324548d78e0d42f71050570b28233219051c61b813f55de964eae', + 'evidenceId': 'evidence-592878b1e05324548d78e0d4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'cliente_externoNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.contador.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8d3a16c75996349293a03cdc8ccfa8c52497762776b0e70289ed8ffbda86518d', + 'sourceRecordsHash': 'dc43504e86c65413e58fda36320a27b794b00fd78627f96fb8c6d4453c3f0ddb', + 'evidenceId': 'evidence-dc43504e86c65413e58fda36', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'contadorNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.contador.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '361b3e3c339284d2836acc447ed26a048607476afbdabd571eb210f8b9ac65a8', + 'sourceRecordsHash': 'd06b0cef56f8457b77ee607dcc4af8c3b1a51b44e1cd33d92881e477234ddc39', + 'evidenceId': 'evidence-d06b0cef56f8457b77ee607d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'contadorNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.contador.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd275595e38437c6face4cc4f42b7f97a20231b7e34555e9433a2727733f701ad', + 'sourceRecordsHash': 'df99a462f4a34fae52b85dbba4838468d95a66f3076640519568871370c9a1ee', + 'evidenceId': 'evidence-df99a462f4a34fae52b85dbb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'contadorNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.contador.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7ab8582100d1cc0805f1a0f6c730d5bda71a2bd510932e9e815249f9364dbe61', + 'sourceRecordsHash': '23a969f1068b35a27b37a60b0e036c63e340da4656f9c15f0cb0451a7ce93642', + 'evidenceId': 'evidence-23a969f1068b35a27b37a60b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'contadorNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.contador.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '567cf3ce42f8919b78fc19075e26404dedb0225436065f21ffaea17a2fe144af', + 'sourceRecordsHash': '98c8ced87e583cdda0f22e6ede378cbc2787338984cb2d3fb7c00426f78c7d00', + 'evidenceId': 'evidence-98c8ced87e583cdda0f22e6e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'contadorNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.financeiro.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bdbdb418289b9fafff195a9415d09b03d296ba67e3d336e1441b1686e167141f', + 'sourceRecordsHash': '8da7afb8a01d4cf05680ad63aea47ef99faa52dff9a15d09e321f8aa88611d23', + 'evidenceId': 'evidence-8da7afb8a01d4cf05680ad63', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'financeiroNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.financeiro.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '677a055b725a2cf09999a281ce79e1aa696eb21999b337b81d2e6d2b5794602e', + 'sourceRecordsHash': '6db1a36922cb406c950cee41dfebc7bcbafcfb82913ff74f2df4a2a4f89bc371', + 'evidenceId': 'evidence-6db1a36922cb406c950cee41', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'financeiroNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.financeiro.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '51c7c3b67463962a40f07f4c6ac3ab7323d7cf89585be0d7447be925c903098c', + 'sourceRecordsHash': '3ff92967f7bc51e96311abeca00e483b96d811904739ab89f4cf4572444b8be8', + 'evidenceId': 'evidence-3ff92967f7bc51e96311abec', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'financeiroNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.financeiro.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b947251b143ef603c2eae4a817ac661a3fd1b0a191177faf43554ddd9bdec401', + 'sourceRecordsHash': '55b9b3fb3bab2823745baa65a9270c10e3bcdb08fd1ae891448dd0bce78f652f', + 'evidenceId': 'evidence-55b9b3fb3bab2823745baa65', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'financeiroNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.financeiro.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '180463bb08a2a9d31b529698070ab14662089b79627effc006b7c0bb55ef42ad', + 'sourceRecordsHash': '8b62c883ef19765e055c1d837bad3b29c288162762770def69de0f4cc6434dc0', + 'evidenceId': 'evidence-8b62c883ef19765e055c1d83', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'financeiroNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.gestor_operacional.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1531c82b0c7bd5384968660389f7f87788a21e5cf6713ecc78589444eb16f14e', + 'sourceRecordsHash': '515b6a3bc44541087a29e224f51b0929a2ae0f7856659b50334cb1df6aeec1d7', + 'evidenceId': 'evidence-515b6a3bc44541087a29e224', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'gestor_operacionalNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.gestor_operacional.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b02cd801cfc03bf210764fef03eba358d630fd96ad12c945ab375a91a486f9ed', + 'sourceRecordsHash': 'c2fe0a91f3e35727d4f91c6defde3bc2cc27651c74293e1c89b5a8d8f8516aa6', + 'evidenceId': 'evidence-c2fe0a91f3e35727d4f91c6d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'gestor_operacionalNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.gestor_operacional.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bd962027185db0301f39c7d37a02fc887d1d73d13543056cc4744f06db0e6054', + 'sourceRecordsHash': '5419f13ec96212880bc21cdec80d81f09d3ddc5c1cfe2a484714582eb160a53e', + 'evidenceId': 'evidence-5419f13ec96212880bc21cde', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'gestor_operacionalNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.gestor_operacional.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '42ad8f37d20cdbb00aeed070ced28a0a53ba364afb905d9407acadae235ded34', + 'sourceRecordsHash': '6fedbc1b8d02cfdfb70503a35799d5d53f7741819ee90b6048502f1ebfd11b0c', + 'evidenceId': 'evidence-6fedbc1b8d02cfdfb70503a3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.gestor_operacional.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ee85c42c9a9a49de8caa1775e20e0dcfc4050b35efb2223bddf99b0161f24fc2', + 'sourceRecordsHash': '47d4e5117965d3f86217b32e017aca0591ceb7b46d3b6d38e729b7b6f91dc6b9', + 'evidenceId': 'evidence-47d4e5117965d3f86217b32e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'gestor_operacionalNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.juridico.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '02e215dc882a30c24b15ccaa57f0386b9c4f9a1d245d6b1c537a364e34346d3e', + 'sourceRecordsHash': '9e20a3b04b9903315c6a0593c0a94f5e4ea4cc1d4a8906e1555bd99ad186726f', + 'evidenceId': 'evidence-9e20a3b04b9903315c6a0593', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'juridicoNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.juridico.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2496f8ee8c9a387a578914022a388c97b5300b9589cb22e99458f5f35c925504', + 'sourceRecordsHash': 'd4ddea48892e181e5fd414fde27d5a5ae6ade49afa4336cf980d8c8d87a86d74', + 'evidenceId': 'evidence-d4ddea48892e181e5fd414fd', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'juridicoNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.juridico.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aea1a1d929b175cb53125477a9139665b1b150ede73a888000d9f84bf3be7928', + 'sourceRecordsHash': '1262901d3e2c96090944f9171278f844ca4e3abd6bb3952b7705917a72396e4b', + 'evidenceId': 'evidence-1262901d3e2c96090944f917', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'juridicoNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.juridico.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'be5e2e6af03e5ecdc39e122fe1e1bb5837de240320c5493a015a026453e471fa', + 'sourceRecordsHash': 'ced9a5325468ea24ca05ae0f602613e60143cb36f1014ae7ad5cd5a5cf017387', + 'evidenceId': 'evidence-ced9a5325468ea24ca05ae0f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'juridicoNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.juridico.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8512179c6e63b243e435ca8345ecbf51bcf8d8606ea8a0c7e62c83e2871a5a55', + 'sourceRecordsHash': 'f76f7bcfd159d1b877f1ab0202c30816eff8eec9a669f6fb8384837cdd7b40d8', + 'evidenceId': 'evidence-f76f7bcfd159d1b877f1ab02', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'juridicoNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.planejamento_estrategico.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cb89200db4c96bf7154f75947969e0cb974c0bf564a846765a6406fdd589a277', + 'sourceRecordsHash': '93e19c1c30d47cb0f9f05dbd372c1c8c7754784027f08dd7c4bd46edd7bd025f', + 'evidenceId': 'evidence-93e19c1c30d47cb0f9f05dbd', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'planejamento_estrategicoNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd170a3cf535ee7bfa515b8ec44587b0369344cadb0b7b9d929b0bd5e5b68434e', + 'sourceRecordsHash': '1088c421f660d90fdafd2e4814ff9a0911464fed8c19b25a03703e0e4644dd4e', + 'evidenceId': 'evidence-1088c421f660d90fdafd2e48', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.planejamento_estrategico.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7dd72bbdfe57a11c013c3364d9b9344b4dfb2aec88cbbdfe33d10c311e9189cd', + 'sourceRecordsHash': '113a7b2b421ed6b79703cad97357cf04b0cba62da85269947f0dccf6ba814f9e', + 'evidenceId': 'evidence-113a7b2b421ed6b79703cad9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'planejamento_estrategicoNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0e3da7b7a21992430bba2e6e80e141ff505f1faba63c2c23c43e950166d866c4', + 'sourceRecordsHash': '67d919fb53410ff9f3d3144604fccf921bf037278b3ca516c9965853f5cef0de', + 'evidenceId': 'evidence-67d919fb53410ff9f3d31446', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '66de7c583586941707f56692369d887d21f7a6e7102a48869f01ebb2a3d80554', + 'sourceRecordsHash': 'b1a01194355fb1bf19411c95ff39ac924d726d88fe3e45beebfc29e3e9566a05', + 'evidenceId': 'evidence-b1a01194355fb1bf19411c95', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.secretaria.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1497b1b9fc9912d5d546103e2b5ec06abda06ab02fde7c6900dbb0777b64d05f', + 'sourceRecordsHash': '0cdc019b192bc4c1c6a280b560893309a10b5758807c603c63d1029e2871e69e', + 'evidenceId': 'evidence-0cdc019b192bc4c1c6a280b5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'secretariaNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.secretaria.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4a8d7b46c0a755f84fb64f2cc9ffa6aa167a324b506e9d64bfe90faafb75956d', + 'sourceRecordsHash': 'dc8998d31be105b8d3cb842e587d60c947140ebca3e9653d42444a404df33e47', + 'evidenceId': 'evidence-dc8998d31be105b8d3cb842e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'secretariaNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.secretaria.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7b504806c174b135ed735c5957f6d57d8819917d557526c5296839e4898f0772', + 'sourceRecordsHash': '647eac2e94c135282564ae61ec5f00e29f94c4acccb7252e2ebffb2f104c075f', + 'evidenceId': 'evidence-647eac2e94c135282564ae61', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'secretariaNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.secretaria.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e6c1995bdf80a1b76600fe1324f3a6d36343a30b504e9c19159b6106a58786e6', + 'sourceRecordsHash': '1bb7db57db2420c66f7ad98142319b823f455eca333c7ba359be6d78e83a5a31', + 'evidenceId': 'evidence-1bb7db57db2420c66f7ad981', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'secretariaNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.secretaria.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e7034f3cfc44005414d4d79c1f7c64f1032f754c047aec978d8399c612e8a1c0', + 'sourceRecordsHash': '0337cac15092eb32e6a62da56ee71f3ddc0a24c8670132f5ddec1c41de5a63c3', + 'evidenceId': 'evidence-0337cac15092eb32e6a62da5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'secretariaNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.suporte.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '820a2417f79d20987963108602464707db837ff7914e2b184c8dece3a403061d', + 'sourceRecordsHash': '06456564d704e1f8fd7b925cf90673b20ed0947753099154a6cbf78bd84a7069', + 'evidenceId': 'evidence-06456564d704e1f8fd7b925c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'suporteNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.suporte.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '63e7ba8751e7a55156738b06f126d6de6d37612eb5e3ec23a519217b831cf823', + 'sourceRecordsHash': 'ea84d132b50c89545f64fd5d78db70b0eae15d62af89bc3e220370702219c4d7', + 'evidenceId': 'evidence-ea84d132b50c89545f64fd5d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'suporteNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.suporte.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1583ed9e3c1b3f62123b5906e5c75c0a5bc06058f164aedb556d8ec0d3c7da69', + 'sourceRecordsHash': '5197bb5204df9ea60ae277d5ab03152ff2c7bd54f45a84b93e75e8589d4aea26', + 'evidenceId': 'evidence-5197bb5204df9ea60ae277d5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'suporteNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.suporte.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '750c5e653043248602a6f61ce4fa5e896895e2df59cdcac35079f3c4b498abef', + 'sourceRecordsHash': '5775efb7d72ea48d1790a068094f80721d35c5650bcaa54b4084504cb5fa34cc', + 'evidenceId': 'evidence-5775efb7d72ea48d1790a068', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'suporteNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.suporte.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8a2dc2b1c0a2f954e782ecd9d6b00a1ebf3c1c32d0e833a121166cf5f0f93719', + 'sourceRecordsHash': 'da5a25cb79ae805041d212ba27e986e2efb7dc276c198ac308ed06ac4e159ba4', + 'evidenceId': 'evidence-da5a25cb79ae805041d212ba', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'suporteNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.tecnico.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '51bd6b66b008ee477ac8419b18cdc286f665e0704d7ded5d6696a92f51cc1f98', + 'sourceRecordsHash': '9014a75fc2c99e6ad2c3ffdba0f2e23c959a459fcecb707326d993a25761600c', + 'evidenceId': 'evidence-9014a75fc2c99e6ad2c3ffdb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'tecnicoNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.tecnico.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bea0970b456274f0f450eb292a27d9a78ee6e0fe2bed23473133ca68c3db0bc5', + 'sourceRecordsHash': 'd96a91887a51c523242d6a09203e13677a799b1ee6b8616caed7d219b570f7e5', + 'evidenceId': 'evidence-d96a91887a51c523242d6a09', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'tecnicoNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.tecnico.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '11aadc9bd88bc30b389727e73d094807e9ddf4d6d8352833dbc3bf10716be631', + 'sourceRecordsHash': '4d5d9dc754ec2a0459d3caef6ca7a9fde2114308e22e35e952028f2be7dad8c5', + 'evidenceId': 'evidence-4d5d9dc754ec2a0459d3caef', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'tecnicoNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.tecnico.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fd7979977f43c152f87744ac8df864e72019008d2b759d3707e32c0764adac21', + 'sourceRecordsHash': 'fd064431c41ce024a0ebebbdcfe14578ecc281e1573dcf1c97787aa7d8a4183e', + 'evidenceId': 'evidence-fd064431c41ce024a0ebebbd', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'tecnicoNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.tecnico.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '93f7a22b359934855595bbce8345eec7da5a5969a5c129d2f19e7b55f110f0ae', + 'sourceRecordsHash': '8e89b3bad61e1613a09a9937d8690d26b5c40ebfbd266838bd6fcf31999a34d4', + 'evidenceId': 'evidence-8e89b3bad61e1613a09a9937', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'tecnicoNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.usuario_final.acao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e705ff9197f0c14bdf32d57cbb664833d799f1749b42c799504361effa30ceca', + 'sourceRecordsHash': '0c9f17aea4cd22d6d077b4b3f25238fd74b4a24c2417bdd0021a738d24f9ced5', + 'evidenceId': 'evidence-0c9f17aea4cd22d6d077b4b3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'usuario_finalNeed', 'acaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para integracoes/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para integracoes/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.usuario_final.auditoria.administration-route', + 'platformId': 'integracoes', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c454f4e650ce5bdd9728b3b74c5bc55a2bf447763e2f48b4709234a993d5e90a', + 'sourceRecordsHash': 'da9953ce1519cb30e25a1cd59cb7f561ddec6ce6c54337a543cbd1377b111780', + 'evidenceId': 'evidence-da9953ce1519cb30e25a1cd5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'usuario_finalNeed', 'auditoriaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para integracoes/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para integracoes/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.usuario_final.consulta.administration-route', + 'platformId': 'integracoes', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '17c8830e7aaad12d0e6f3f7445b7efe727cd5f8a67c48e7ab40b027a81e8b3b5', + 'sourceRecordsHash': 'dbe5a17c4500ad77cb79f433dae02993efd3033e9c30316e1a1d1e2e9578f857', + 'evidenceId': 'evidence-dbe5a17c4500ad77cb79f433', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'usuario_finalNeed', 'consultaState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para integracoes/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para integracoes/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.usuario_final.diagnostico.administration-route', + 'platformId': 'integracoes', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd49c601f4ece8180f6ce1e5350a9863f54e567c6f29a09661d5a7d6702ec99b0', + 'sourceRecordsHash': '53181bba1e402fb74ccdc6bb2ed5b86b77a294564fb4a458976fa4bbb9a60fd8', + 'evidenceId': 'evidence-53181bba1e402fb74ccdc6bb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'usuario_finalNeed', 'diagnosticoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para integracoes/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para integracoes/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'integracoes.usuario_final.explicacao.administration-route', + 'platformId': 'integracoes', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '53613b785e2441ed320025ed21c345ac6af31038b3334ffc6c00fdb157f64400', + 'sourceRecordsHash': 'fae75eab89e7ddcab2bc948f7c4c1d50fe92c881001baa96fb787aae7797a781', + 'evidenceId': 'evidence-fae75eab89e7ddcab2bc948f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'integracoesStatus', 'usuario_finalNeed', 'explicacaoState', 'integrationGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para integracoes/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider integracoes via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para integracoes/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'intelligence.administrador_empresa.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7b4bbc6c85282e3d269db08747c4b097d3e968f9805d31529fed9de27f83c6b3', + 'sourceRecordsHash': 'e51fb10711afbbd6d6545eb3cfdd00fef7c8e592f18a7e7b879a96e6775bf7b2', + 'evidenceId': 'evidence-e51fb10711afbbd6d6545eb3', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'administrador_empresaNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.administrador_empresa.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cbdc646df8ea926a8e9834608e301a0e7cefb0b14e9710e5773862ce43f44d28', + 'sourceRecordsHash': '27abd82fae067bcf989f9f9766e9b22d182ccd7a3fff9f2a8f00f7c061d74bcd', + 'evidenceId': 'evidence-27abd82fae067bcf989f9f97', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'administrador_empresaNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.administrador_empresa.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '88a82840148903c2451fc1b87aeab8f9e715926e4d38a5545c48acbf47379651', + 'sourceRecordsHash': '5aea8564ca36f345d35bb99a853d9f2ab716adcf557187151937cb5e72146bd8', + 'evidenceId': 'evidence-5aea8564ca36f345d35bb99a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'administrador_empresaNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.administrador_empresa.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd57b8a83209623b8ce578342a512e3ac029e87bb60b79a898713758f0f0dfdf0', + 'sourceRecordsHash': 'a97f5b221a5ccbe73d8c303463fc8838df7ef840631d9855a661c8c0d083e542', + 'evidenceId': 'evidence-a97f5b221a5ccbe73d8c3034', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'administrador_empresaNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.administrador_empresa.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2138faa3f202dc97d9b497232d51aba1bda09c3e8c5e5b8a70b01fffe1655add', + 'sourceRecordsHash': '1f20a64247fad65d9714859ae55131327a4de7014f2a0fde2a55116360086b16', + 'evidenceId': 'evidence-1f20a64247fad65d9714859a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'administrador_empresaNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.atendimento_cliente.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8d42aff90284e2f78efce5423f9cc1433c4dddb2d7d457cda0a960f4b3dffb29', + 'sourceRecordsHash': '006804297874a769d850042a88a51450538c6e45d93e8350bc44cff914a15331', + 'evidenceId': 'evidence-006804297874a769d850042a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'atendimento_clienteNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.atendimento_cliente.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'abee78db89549fca71d458fd1068c2eaf0681865048933961ddb448aa8b96555', + 'sourceRecordsHash': '8c24ba50740b0850092f4be375533a0134cf0ed81dc6f28d5e917c59ea0e8fdc', + 'evidenceId': 'evidence-8c24ba50740b0850092f4be3', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'atendimento_clienteNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.atendimento_cliente.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '630a26365117730b8115dd165e5db2a5d378fba2b22623baa6457e21118b8788', + 'sourceRecordsHash': 'c2c6bd281c0d0fe58528b69cc68f66f35b8561a41d9f70a14d4f9dddd17521f4', + 'evidenceId': 'evidence-c2c6bd281c0d0fe58528b69c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'atendimento_clienteNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ac91df2d7b31c1aacaa06905ea3fb93ef126f12cbb04db291f434f8b167d1eac', + 'sourceRecordsHash': '76b190c91dd8419e5b134d0ae2dd3e7627672ce59b31ef428c5f9a519d69db19', + 'evidenceId': 'evidence-76b190c91dd8419e5b134d0a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.atendimento_cliente.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'de88e249b0cfa8dfca65c11e1541c07ee6de6be97375efd5d67aa062fdbcd8cb', + 'sourceRecordsHash': 'ce878b9d63510152bdc081210b3a88e9104e996368bfffa73fa660a72d98d054', + 'evidenceId': 'evidence-ce878b9d63510152bdc08121', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'atendimento_clienteNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.ceo.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1ad197f9bdf5bcf358dc1e93a33c668d55df1387228a95d13bb9a57d649be66d', + 'sourceRecordsHash': 'f2f3159e1337f7f585d61f8f7b2111c2486f5342811d78ba4d6f415bc4f73c21', + 'evidenceId': 'evidence-f2f3159e1337f7f585d61f8f', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'ceoNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.ceo.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6a4877e099977f2aae689dcdc710358fe39e7fee6ed7b179f033be584fdc3b64', + 'sourceRecordsHash': 'cbdd2f1e558af059e203894c4b9b96284fdb253b2e83061133f05129a5bbd923', + 'evidenceId': 'evidence-cbdd2f1e558af059e203894c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'ceoNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.ceo.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b4d6143eee53aa21c8b812f527c99f0da15a64c0ceb7604ff0f0c49740f781bd', + 'sourceRecordsHash': 'b935c651cedf93542a691e8fab6420cae2318843b3ff4e48a7a83f9ae681b8e0', + 'evidenceId': 'evidence-b935c651cedf93542a691e8f', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'ceoNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.ceo.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b5385f120180695b4e5165ae7ca2aba6f221e3791454a6af6bd12dba58e18996', + 'sourceRecordsHash': '2cf7916fe17777fbac6ec7779741ada9ebbb9d93e1f8213d2a7ca607f83b6e43', + 'evidenceId': 'evidence-2cf7916fe17777fbac6ec777', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'ceoNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.ceo.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '24e9c78ddedc81c99ca46923d872ef3b5734bb91cdc0e36e2cd190b8c6ec3583', + 'sourceRecordsHash': '579630bdbbcf01d24f523270b7f9bae4b576cdde783e8c6d4ecc17e0032993c4', + 'evidenceId': 'evidence-579630bdbbcf01d24f523270', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'ceoNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.cliente_externo.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd253bd36e061abcadc0d47585de77ed96fe70a9bd955a4680e07c34a52939b15', + 'sourceRecordsHash': '11aed14d148ee16449d85c9d57c9141831f27e2f91f2464fb766bb7ec8963326', + 'evidenceId': 'evidence-11aed14d148ee16449d85c9d', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'cliente_externoNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.cliente_externo.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3c58095a6b7695d63624ec386670fe542548bb6940bee1d1638697e265b0b377', + 'sourceRecordsHash': '2c1a27444b0cb28881ca49f7944132a54bae5f4d9df07e00679cb95e00a750d4', + 'evidenceId': 'evidence-2c1a27444b0cb28881ca49f7', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'cliente_externoNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.cliente_externo.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c8830bd76196e8badaf7a4911d6ae55838fff3cd087dc06f71f46f1a6311ad10', + 'sourceRecordsHash': 'eaaf0ce9bcffdb720df4b05a4ec470637b558d77c6a6b3309ab0d91c2927ae9e', + 'evidenceId': 'evidence-eaaf0ce9bcffdb720df4b05a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'cliente_externoNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.cliente_externo.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dbfe56097ea0e60994d1b6b860f3ee792ee37fc0f5869809d67c9361ec901318', + 'sourceRecordsHash': '8c49624a98d5e87a5532cec6b193bbe5dfb99678dfb34196f7eb40bdd184c636', + 'evidenceId': 'evidence-8c49624a98d5e87a5532cec6', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'cliente_externoNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.cliente_externo.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7faa64493de29f6755f876d84438151288585dbca9de980f4aa27618c6f580b5', + 'sourceRecordsHash': '29ba543a38bf9796c3ce1cbbfc53552ffd6b2169673ee2a5821d296117c96c00', + 'evidenceId': 'evidence-29ba543a38bf9796c3ce1cbb', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'cliente_externoNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.contador.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'db122d00a203d8416ef8bd8028cde855776d78c990e09db0d9b50e24fe3793c0', + 'sourceRecordsHash': 'b014ba9470f3154146637a5ae6e5641cf13013166e6f3277b8f032eeecdfad4e', + 'evidenceId': 'evidence-b014ba9470f3154146637a5a', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'contadorNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.contador.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '855958ddd921a888443f0870272c329c00c962e4838959d8781af8413125c517', + 'sourceRecordsHash': '1e7c6bfd59dbd7f99af0372905a4c66a01648f0e885e19b15c88643140f92a96', + 'evidenceId': 'evidence-1e7c6bfd59dbd7f99af03729', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'contadorNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.contador.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f119ddc8d2b349f9d6bb4407f5ef1799167712b43c5af585d47c4340db7e5726', + 'sourceRecordsHash': 'c67169232182ef3a1f23436f3b2892b7821b84ac2163e8e810a8b0a28b826004', + 'evidenceId': 'evidence-c67169232182ef3a1f23436f', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'contadorNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.contador.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a517a628b4cc1b27af6624ee1799b3567655f8f18fcd1d5ba4e7c17fd4fa5563', + 'sourceRecordsHash': 'e518157558d8cd7c7887dd79f798b523c2cc449d14a0bce66194a15ca6710bf8', + 'evidenceId': 'evidence-e518157558d8cd7c7887dd79', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'contadorNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.contador.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '272d0436ad59abf01a12f1e4ae6e3e0806427c873355044a4a248209eaa31e2f', + 'sourceRecordsHash': 'f507e6b94d33db8ab8013630a6d862ee7bd7bcf3353c7fb1b077fa50196d6454', + 'evidenceId': 'evidence-f507e6b94d33db8ab8013630', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'contadorNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.financeiro.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c1d39373659cda4bbdf15fe0bbe5524b692209a6e4c21c982227bc07fadd36e8', + 'sourceRecordsHash': 'a638c957601742dad67267cfd5834f150afb52efe58342931b60cbbe5ea05547', + 'evidenceId': 'evidence-a638c957601742dad67267cf', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'financeiroNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.financeiro.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bbae576a71cf995585a7667df267490a06ac0113c8734e74a220f0a5e8926394', + 'sourceRecordsHash': '4d014eb70cf1f7e95517165b11def79b0b51ab5e5a7949c67de587ad8881d737', + 'evidenceId': 'evidence-4d014eb70cf1f7e95517165b', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'financeiroNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.financeiro.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '74869ba316941a295c141f61b2475571f5fc230ef6cd8bebef2c3f3c90cf187d', + 'sourceRecordsHash': '2e1739ea25b7d86cb67d42fae9d14c6505a14a19e2d6dd136359bd7310366542', + 'evidenceId': 'evidence-2e1739ea25b7d86cb67d42fa', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'financeiroNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.financeiro.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '838b3bd695d75fa50520cbb59e5e54fc39069150a4facbc65ab5171e3bf180b9', + 'sourceRecordsHash': '5e8743c8742b2f5c7497174011e77a98e44b7e711b67c92b5756167f8b76ebf2', + 'evidenceId': 'evidence-5e8743c8742b2f5c74971740', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'financeiroNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.financeiro.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bc4a45cee886302641b4f6bbf835a24f8841d35690a2aed09bd94e5d85b8657b', + 'sourceRecordsHash': 'f577edbd6b3a46e66079df6bba6fda8b9db9689c819782d4f94eccb6ecbfbc98', + 'evidenceId': 'evidence-f577edbd6b3a46e66079df6b', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'financeiroNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.gestor_operacional.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f4e13857d86c11933146789c8577bbe74c4f9021a2623ad48e704442e8245b65', + 'sourceRecordsHash': '79a20430a5650200240b728d12a0213cdcdbdeae4d4aac49799b6f8abf5a3f0b', + 'evidenceId': 'evidence-79a20430a5650200240b728d', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'gestor_operacionalNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.gestor_operacional.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '575384c067cd4b5be3ff91d18a3a034e4043563cdf666a0610e47d8f62dc9277', + 'sourceRecordsHash': 'f3ee937ccc839e6f72971c2c06a4738e41a43aaef886efc579e882bd35ecb1bc', + 'evidenceId': 'evidence-f3ee937ccc839e6f72971c2c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'gestor_operacionalNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.gestor_operacional.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0221c58a366b507dad77a731407e5ed53fb9f3e3518f20007dd513502253d679', + 'sourceRecordsHash': '3919b10a942f69e041e33502bb1b669caf67bb34615161900720dc5f2ed615d9', + 'evidenceId': 'evidence-3919b10a942f69e041e33502', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'gestor_operacionalNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.gestor_operacional.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b0c487ec1a850e615ba0b51c9c275df8c4651de2062fe429f712a248282e07bc', + 'sourceRecordsHash': 'ac2b3b2879007775a9f3a246196734792776cfeb2779865159bdad70245331a1', + 'evidenceId': 'evidence-ac2b3b2879007775a9f3a246', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.gestor_operacional.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '622456ca85376f5bb02f28ddf5279f61c6139f0f26c8af13cb68076348e421c1', + 'sourceRecordsHash': '56cb3aee4ebb458290dc4ee1ab647e466ce5785f386f204bbca979035b32647e', + 'evidenceId': 'evidence-56cb3aee4ebb458290dc4ee1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'gestor_operacionalNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.juridico.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '65f9799c46caf9f3e3328677ae1dcc4a795e7b3e0733c50cbbf0982a41cce1d8', + 'sourceRecordsHash': 'c6488f4caf21dfeb87a678f13decd2cdd06ac54fd6ac74c1e4e940620c449d29', + 'evidenceId': 'evidence-c6488f4caf21dfeb87a678f1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'juridicoNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.juridico.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0fe9221139b8d391f8ffd7a26aa6f2b44da38545874c6f1adf782f65021bd5bd', + 'sourceRecordsHash': 'f7e7d30a62e45a9f0fd63895405d95d42bd1dff0785f19db24b62a7997bba8c5', + 'evidenceId': 'evidence-f7e7d30a62e45a9f0fd63895', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'juridicoNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.juridico.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5d6f57d8517eb2fa55df31169ab720babf86d8bf1d92fb73bcc15a15244f58a6', + 'sourceRecordsHash': '52b702171ad75f41762b84d222e4e7f06721c70130f26813e07924d6c593f02e', + 'evidenceId': 'evidence-52b702171ad75f41762b84d2', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'juridicoNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.juridico.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6521273f2d35690f7724c93a0b8a67044aac53d2b1e7f113797b21fa37435855', + 'sourceRecordsHash': 'e8673d5d261658103edee90c25a406a655fc07b330ddf710542bd636930f1d36', + 'evidenceId': 'evidence-e8673d5d261658103edee90c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'juridicoNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.juridico.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '534911ac29baea077dc12b89dd928d6c236a0396ca042738467d1a46e5d7d51d', + 'sourceRecordsHash': 'cc04e38b5dced9c946e1f6b68d44a73547ae08af49e2f0abd41cb23f312957c4', + 'evidenceId': 'evidence-cc04e38b5dced9c946e1f6b6', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'juridicoNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.planejamento_estrategico.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a174949ae0394430fabe8e8851d91e75b903a9cde9cb9cd6b16a8dbf4b90ad6', + 'sourceRecordsHash': '3f365cabffcab3ad2b19d5d186d6fc733b6fdea6935a0f577c1c1b93ba067894', + 'evidenceId': 'evidence-3f365cabffcab3ad2b19d5d1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'planejamento_estrategicoNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '07be2057c165c6e1bf8c4ad180eb5e13fccd15cba92fba690253126341006735', + 'sourceRecordsHash': '4d2196bff50ff432c770efb1e142ef6e932c546e46b3511d8058370027eca387', + 'evidenceId': 'evidence-4d2196bff50ff432c770efb1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.planejamento_estrategico.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '00927dd48f69cbdd09772a3adda97f1e50178c0bbd06dbc97ca0961d477222da', + 'sourceRecordsHash': '36d9f919a330b107e731c0395ce00a3001e01a2583f01d9850491943a8a6cdeb', + 'evidenceId': 'evidence-36d9f919a330b107e731c039', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'planejamento_estrategicoNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c31a9b7b5774aa68900ddea30970b06e953218fa286a17ec75691e55f9295299', + 'sourceRecordsHash': '1ec5d2cd453318c0ed4e2bcd7f0becc7f0beca360d8d7e3ebe6d315ca0414266', + 'evidenceId': 'evidence-1ec5d2cd453318c0ed4e2bcd', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e917f38da6bd5d5a2075a5acfbb9105c01548397b9626c7a6bfa1d9007450b92', + 'sourceRecordsHash': '8be1669593e780018ed9ba68bb621d1acbd8874d6288eee9c9208dbe83e8fdbd', + 'evidenceId': 'evidence-8be1669593e780018ed9ba68', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.secretaria.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ea55d2f9df8d1756a7087aad0bc4390fac2dd011834fe450e298dd960862ed6', + 'sourceRecordsHash': '7c7776f90948fda7891e450b892f7c71cda1458a8e52f4e238ea6effbbb0ea06', + 'evidenceId': 'evidence-7c7776f90948fda7891e450b', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'secretariaNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.secretaria.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40b78d042e1d456521cc0b946c867b57f9b24d411a5fc4e4d183a3c234d31221', + 'sourceRecordsHash': 'c7dcb1ae8de85d29ebef497c8f34a16fed3f2ee48acea662b5821dc7fe93f741', + 'evidenceId': 'evidence-c7dcb1ae8de85d29ebef497c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'secretariaNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.secretaria.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f3bcad373238a4f11eb5ae43f17e6a228630866058a184f58ab68a6aa7a3c5f4', + 'sourceRecordsHash': '3edde4c82aece8f300b10a6ff21a5a88671f850b56a561af00326825e581c072', + 'evidenceId': 'evidence-3edde4c82aece8f300b10a6f', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'secretariaNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.secretaria.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5d2d167d6ee31d7865092f2b83a04bb8252f504d81c413798d5d37dcd926777e', + 'sourceRecordsHash': '0a774c117757bff38bf1f4e059535a222d4ff15afb613305c40cf7ecc742209c', + 'evidenceId': 'evidence-0a774c117757bff38bf1f4e0', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'secretariaNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.secretaria.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '731ac342ceb8c12e3b784b584ab6cadc9c0f6d19d3aab5b83388ef13fc522164', + 'sourceRecordsHash': '4e58db4b57e9bc4c47fcc4a1241fa3c976d4556075149c1a0b6dc9dd299e6c43', + 'evidenceId': 'evidence-4e58db4b57e9bc4c47fcc4a1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'secretariaNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.suporte.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '90e8a04d184ad679c6097e62fb04c0793843dd66d1637874b254d3d7da902cbe', + 'sourceRecordsHash': '9d47834080979dff3a96b0d524a1b55f956d2a25fb7b1c535bbb89be60a4aa6c', + 'evidenceId': 'evidence-9d47834080979dff3a96b0d5', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'suporteNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.suporte.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '694c7ae559ea4ac7f6d15141d0cb8aacb05fbdbf44cde2a10fd2ea075e6d07e3', + 'sourceRecordsHash': '41e25d28fd1690aea547fc1f6a63c501cda0c155eddb94843b9967e3830d8156', + 'evidenceId': 'evidence-41e25d28fd1690aea547fc1f', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'suporteNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.suporte.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '350c6434829ddf0fe43836c4cf25f8b29e1de627847a9436c99232395691d05f', + 'sourceRecordsHash': '9981db04001cece8f95216056340c3d4438445344dd5334169180ff489539948', + 'evidenceId': 'evidence-9981db04001cece8f9521605', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'suporteNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.suporte.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2897e5662416bc4abb2573cf90505646513ac2a5a94ec149a50163e93c37ce06', + 'sourceRecordsHash': 'ccbdf29e6b7b7fb6139791a1ffecd22b1080d1e5ee0aaf131447721172bc196f', + 'evidenceId': 'evidence-ccbdf29e6b7b7fb6139791a1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'suporteNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.suporte.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8c0d9c196bb644f535b64fcad711c023453aecf23d708d0666eb762c6804d7ee', + 'sourceRecordsHash': 'fef1685d1556ed27fa5d580c385bcb593acd58c5454938f0721c75db35c8a6a2', + 'evidenceId': 'evidence-fef1685d1556ed27fa5d580c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'suporteNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.tecnico.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '08b05daa1587969772043a081c928e38445fd8153ba3bd6341a73f859ad81349', + 'sourceRecordsHash': '7bb5d562b90c0c52c50d301ebb61bef096be8fb671698c4b312ad4c34e2a2cbe', + 'evidenceId': 'evidence-7bb5d562b90c0c52c50d301e', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'tecnicoNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.tecnico.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a8de96836c9820424f1548d7e9b58adeed78f7c405bbbff3a7167fcbc39d4293', + 'sourceRecordsHash': 'a32854225aaeb19aedc12f5ca59bff839a0aa664b456d00a2dcbdc7fddd440bb', + 'evidenceId': 'evidence-a32854225aaeb19aedc12f5c', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'tecnicoNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.tecnico.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6c7372afc6c574c14cc21f75564919ac9552f343a039e0d9b306f8964d95d370', + 'sourceRecordsHash': 'a91d571bd1319c6d1e7647e54a560bb1dd6e86c36e18ddd936fe322dc4f16d25', + 'evidenceId': 'evidence-a91d571bd1319c6d1e7647e5', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'tecnicoNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.tecnico.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3a66303d2ee24b66502d7299cb54c82adc1e91cba10be579595161e48fe443d5', + 'sourceRecordsHash': '4970930f34fccc58277f65ddfc43f1979c1ae901b846d141d59bdc814f27937e', + 'evidenceId': 'evidence-4970930f34fccc58277f65dd', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'tecnicoNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.tecnico.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f70279fba9128c733ef8c6643bb470be8d75ea3e9fe1334d9198dadc2e4d1d77', + 'sourceRecordsHash': '04e4410ef3c227c94b63d10242685ab0097799c34237fed1325c7c2ef579dfbe', + 'evidenceId': 'evidence-04e4410ef3c227c94b63d102', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'tecnicoNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.usuario_final.acao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '09ea6123d6e64733349fd0967457e9d9a17ffd61339039b41933d5c5a0b44239', + 'sourceRecordsHash': 'e925fd4b74aa5ffaa3f4683e777cfd84247b38a98f6b0e412e08c8634fdda97e', + 'evidenceId': 'evidence-e925fd4b74aa5ffaa3f4683e', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'usuario_finalNeed', 'acaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para intelligence/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para intelligence/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.usuario_final.auditoria.administration-route', + 'platformId': 'intelligence', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4f1956c8a3f657f82ee84c2b4eff01ad8c9e24ce5a1b529c86b65e795f171232', + 'sourceRecordsHash': 'b914287b979293728ee787820ae696e65a1df00bee5da94f949d5331449a0c08', + 'evidenceId': 'evidence-b914287b979293728ee78782', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'usuario_finalNeed', 'auditoriaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para intelligence/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para intelligence/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.usuario_final.consulta.administration-route', + 'platformId': 'intelligence', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '05d0bc0f4fe99c0f425bbf64cbe98006f99e83a36909f4a9ce14de9e613c083f', + 'sourceRecordsHash': 'd78dc30e912612037e7e87630231d0a19a2c750bc229a2ba0b4d4974187da730', + 'evidenceId': 'evidence-d78dc30e912612037e7e8763', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'usuario_finalNeed', 'consultaState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para intelligence/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para intelligence/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.usuario_final.diagnostico.administration-route', + 'platformId': 'intelligence', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4004d2d94bdf0a7516017c73fa8aad59eee3878a2dcbe9d11f98705884995382', + 'sourceRecordsHash': '318d37a9b539a966c8eba0d13b9e532d80aa5beca5498c4642e759c7225dc2da', + 'evidenceId': 'evidence-318d37a9b539a966c8eba0d1', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'usuario_finalNeed', 'diagnosticoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para intelligence/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para intelligence/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'intelligence.usuario_final.explicacao.administration-route', + 'platformId': 'intelligence', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c0733965eaea19e5db93d1810878968e6ffa3d02a80bdae57b7dc1797d006e99', + 'sourceRecordsHash': '197064a1a9c4f5151b8aaf71e9f6d2f1175b90ddfa74d1a34b91afba389bff1a', + 'evidenceId': 'evidence-197064a1a9c4f5151b8aaf71', + 'truthState': 'blocked', + 'panelReady': False, + 'gptExplainable': True, + 'sameSource': False, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'intelligenceStatus', 'usuario_finalNeed', 'explicacaoState', 'strategyGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para intelligence/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider intelligence via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para intelligence/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'blocked', + 'blockerReasons': ('same_source_false',), + }, + { + 'routeId': 'mcps.administrador_empresa.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '731eb137ab8e9762e7233dbffa5004847dc346ba1249ef198c88606e75ed2b22', + 'sourceRecordsHash': 'ff3cb5d7815bce1ebff74644ba78a3bbba0eef09a88ed0c3ecb332e8029a0a52', + 'evidenceId': 'evidence-ff3cb5d7815bce1ebff74644', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'administrador_empresaNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.administrador_empresa.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a2f80d14bd84522bf92e1fc25d5e448b91e19081e34079b6ca4669a5895a42e', + 'sourceRecordsHash': '9ff5eced39a12c02a3bc15cf4dffa73f1fffd4747cd9a1d383c5b10c8b757b47', + 'evidenceId': 'evidence-9ff5eced39a12c02a3bc15cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'administrador_empresaNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.administrador_empresa.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '855fca03c20d6b6c195629a84e969092d5fcdab33a6ecabb87bf79d7f5fbae39', + 'sourceRecordsHash': '9347d368f74fd8c55e7f0354321742ea2abe196665f92c3b8e5ccf0b0173c73d', + 'evidenceId': 'evidence-9347d368f74fd8c55e7f0354', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'administrador_empresaNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.administrador_empresa.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '647612572edc77a2b1d451f7f5a347d5efe0d13e5d94c10e7d9b6d14bb4431b1', + 'sourceRecordsHash': 'bad9c3151339bb859220ef808cbd96fe66a5b7a780d4186afe1879d9216af855', + 'evidenceId': 'evidence-bad9c3151339bb859220ef80', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'administrador_empresaNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.administrador_empresa.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2e1191efe1b707d7931c4b3c1c9ab90eb40d03f4862ec43f97bf543127ffd0f2', + 'sourceRecordsHash': '7e1284940968cc106f2576dacced19a6ab07433c550b6c5302889cb20a0104ef', + 'evidenceId': 'evidence-7e1284940968cc106f2576da', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'administrador_empresaNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.atendimento_cliente.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e077023f0d69f4fcd2dc05638c1dff613a17c2e43d62d5692853a1cdf007b31a', + 'sourceRecordsHash': '17872d16f41e8f9eaf2d7198e6d2e672454e84ce96628ee771716a7b153fedb4', + 'evidenceId': 'evidence-17872d16f41e8f9eaf2d7198', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'atendimento_clienteNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.atendimento_cliente.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c204989602a42f654368d40606e74533fc171942632e299568c36b0ab9329ad3', + 'sourceRecordsHash': 'e8093a4f2c25eb901ec67f665f180af91852fafd0a11f3de15db649505813b8d', + 'evidenceId': 'evidence-e8093a4f2c25eb901ec67f66', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'atendimento_clienteNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.atendimento_cliente.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7efa6001a0b1660a4b2830c43b4fb222b3e87617872780e50ca809c086ce015e', + 'sourceRecordsHash': '1a02886aaf226efaaeda7cd67987d34918a92e286d7253feb855a8d7a32ffd0d', + 'evidenceId': 'evidence-1a02886aaf226efaaeda7cd6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'atendimento_clienteNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '75c47062d4bb4f08d083f11152f5495a4227258242e28251d4bff09ddadb56ac', + 'sourceRecordsHash': 'f6159e65ab0519d040be1f9ed056c08b5b28e8127d8970c343a69855c15ef1f8', + 'evidenceId': 'evidence-f6159e65ab0519d040be1f9e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.atendimento_cliente.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '705174c3b814d20949623935be1eff471024c37b4b4c604adb383fb5cf255c58', + 'sourceRecordsHash': 'f8cc2df9cc6e3f08d0e1367ea7bbf5a9cd9f03d8678855189e2e389f26c2b7f8', + 'evidenceId': 'evidence-f8cc2df9cc6e3f08d0e1367e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'atendimento_clienteNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.ceo.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c220c7ee2bea99b3af8d5f0ed5023edb0b67c65fa488f3493b6ebd415d3fea3a', + 'sourceRecordsHash': '80bcd12139e3bab80c207b5f6a2c87ac8da4213625d40b94c0a65a82436f91f8', + 'evidenceId': 'evidence-80bcd12139e3bab80c207b5f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'ceoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.ceo.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f045483e929acd7e7b76a7018c1d6a13342b3194be797be34b3838f97b2c78d1', + 'sourceRecordsHash': 'c045116584ecb609b1d7c54876edbc241b89a58f6e9d0d6f96d42d364917a757', + 'evidenceId': 'evidence-c045116584ecb609b1d7c548', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'ceoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.ceo.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '13bad212bf66848f7a5c541ca7ecd17cb8863b2530b261b5e1b3bde7556dc951', + 'sourceRecordsHash': 'ba64660a7d5d9d75537b532d4c65d63ba27abf49aae0d1f0eea156830d4eec5d', + 'evidenceId': 'evidence-ba64660a7d5d9d75537b532d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'ceoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.ceo.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a6c2057d78d470e51b592adce57024059cd959563e92ebde0c4db078c3fc2a1e', + 'sourceRecordsHash': 'b8ca619a4607edef85926d56755674c7ae3dfa7df708bf0ad40816c2563f543e', + 'evidenceId': 'evidence-b8ca619a4607edef85926d56', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'ceoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.ceo.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '11afd23a5b817e1424efa54e9ca9adfcd56aa24bf64c40812d48b66e8982315f', + 'sourceRecordsHash': 'aca55df20dde5d7720958b9a27d42ed38975b905a353ef82b14512500d1650a9', + 'evidenceId': 'evidence-aca55df20dde5d7720958b9a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'ceoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.cliente_externo.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2612de095b5c6e8737f3e0c5e2209200a989778acd946321588c228f41c75ae0', + 'sourceRecordsHash': 'dccfe9a9477b956b3e86af69a0e622f2e1eb7f30286ad9a12c4cafc28a13409b', + 'evidenceId': 'evidence-dccfe9a9477b956b3e86af69', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'cliente_externoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.cliente_externo.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '26534ccc5a408ccfeb5c47ab606bcdada8bb0e6542b3d9e4f3b72316f92c89fc', + 'sourceRecordsHash': '4975723a7aeeeb762ae719c7614c5d6aab8128a6073b031465e80bb01b8c0817', + 'evidenceId': 'evidence-4975723a7aeeeb762ae719c7', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'cliente_externoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.cliente_externo.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a0bf7503450e704c9bf250f1365f14d5a822dd26bfdc03b1c9a28c00fa734bd0', + 'sourceRecordsHash': '59bdaf0880f79d05c5126856922f9fcad35eab3914aeab17928ddef248468d5e', + 'evidenceId': 'evidence-59bdaf0880f79d05c5126856', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'cliente_externoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.cliente_externo.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5be1e7d080b6f216924c8b13ed6e7d43e3065efe1d6acaf82a7ea16bdaad6258', + 'sourceRecordsHash': 'e58f51d466dc73633f298b7f168a1e3e1e9e25335eddd3125b3dd123b965500c', + 'evidenceId': 'evidence-e58f51d466dc73633f298b7f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'cliente_externoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.cliente_externo.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3cfd63a789cc1b63e3906ecb5f5b16abca1faa59d699973c61220044c1994eae', + 'sourceRecordsHash': '374ba4ad0a09ebecc4325bc1a240ed2093cc4d6dcddbc71cc4043dbeaf2c269a', + 'evidenceId': 'evidence-374ba4ad0a09ebecc4325bc1', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'cliente_externoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.contador.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '014d8c8969febec0ca23089473749bb7563952810a214683c742e5c709d2b0d4', + 'sourceRecordsHash': '719cc211ea59a402ed9f47073398a493c2355c2e649099a2a07ebf7f80725c76', + 'evidenceId': 'evidence-719cc211ea59a402ed9f4707', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'contadorNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.contador.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a080d00753f33b535ac9d8bcd48895e64b2f5d1554da6a7c0694ac2ade99e8b2', + 'sourceRecordsHash': 'f6d3e337f98bdc4e514d38717de712f0a6c99111032d935f2b0b5dea25c08d32', + 'evidenceId': 'evidence-f6d3e337f98bdc4e514d3871', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'contadorNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.contador.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '723e83733a670e7e116c3be8668c95e6431a20568f6bbbc143f91cccfd4323a1', + 'sourceRecordsHash': '5d965deeb3b92a83dabd5336fdb6fcadea37104de3e943a7754e6cdca23f9ba6', + 'evidenceId': 'evidence-5d965deeb3b92a83dabd5336', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'contadorNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.contador.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2e6547446ddbf9ec9268307cf52591413f8cb8110620e97689b6104570187108', + 'sourceRecordsHash': 'd563ccd356b9ff1b95573d9f2f8d24ebfc5f3960fb1af6f7d29f654ca4ee400e', + 'evidenceId': 'evidence-d563ccd356b9ff1b95573d9f', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'contadorNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.contador.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1a698cc4560422c2c3df0c9302affaff263846b4170627158600962a01b10be5', + 'sourceRecordsHash': '4af571b1d285771cbc78ddee4bfee4fbea84cfe22a75493ffce694d58c5fc20c', + 'evidenceId': 'evidence-4af571b1d285771cbc78ddee', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'contadorNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.financeiro.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a3a9dc5b31c21f7c7d79ed5f04f552b896a7b97638ba927495f8e5a14c42b168', + 'sourceRecordsHash': '92a98dfd414054a33bf0c718685fff12fb041c34b2bf1c61eb066959bf6431ba', + 'evidenceId': 'evidence-92a98dfd414054a33bf0c718', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'financeiroNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.financeiro.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '95ac0e6200feb5e229d0b11cbd2ab0656863c5242c0c8c5730c82b437a35b9d2', + 'sourceRecordsHash': 'b9936ee9a3ea8b0176bb7df31eb5bf83d85ec813706d77aff6803741403c4853', + 'evidenceId': 'evidence-b9936ee9a3ea8b0176bb7df3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'financeiroNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.financeiro.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd737c250a144ebdb77b27cc6376d3c908f823e55d9560d03a5f9c03c62e66902', + 'sourceRecordsHash': 'f301fbfec2358b733be30490a35bad54fa2e85a0de368f767b44876366531730', + 'evidenceId': 'evidence-f301fbfec2358b733be30490', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'financeiroNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.financeiro.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8d8abd58179250d2e9730acb6e4bfda695e0d249d8896aecaafaaf005f94fc9b', + 'sourceRecordsHash': 'f0d5209c1a5a9a9a33806ffa0ba4ec4244e0ac7f0a746af5025375d83422eefb', + 'evidenceId': 'evidence-f0d5209c1a5a9a9a33806ffa', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'financeiroNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.financeiro.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1768dc28595c9ecaf4600d4115e858accfaae619085f791837dd8262f8fa0582', + 'sourceRecordsHash': 'd79aa10fdcdeb68fb9674c2492c05cfa31dbe60b443bd6253acc51f99555dad9', + 'evidenceId': 'evidence-d79aa10fdcdeb68fb9674c24', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'financeiroNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.gestor_operacional.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4b29fd812cc198f55d1d0d88c54d7eac8966d60bbbb4cf2a95d40aecb208f22b', + 'sourceRecordsHash': 'bd29f454b2e66cb17ee1e91c895f6940f9c9e76537c561ab81265b2d4879e265', + 'evidenceId': 'evidence-bd29f454b2e66cb17ee1e91c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'gestor_operacionalNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.gestor_operacional.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0cf290bf33698dc85504a0187f18385ea5a24337fd2ad85761e3fd370738b187', + 'sourceRecordsHash': 'd7b5f8d62f34b390904101ebf13a7d3feaac920fbeafff99f593a1764632386c', + 'evidenceId': 'evidence-d7b5f8d62f34b390904101eb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'gestor_operacionalNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.gestor_operacional.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f0048bec76df852e740e173d09df8f473213f30d4ce24dce609232a88a5d1e69', + 'sourceRecordsHash': 'd90af0ddde1e6e008552129c131abc9bd8ebbcacea19519530ea866a50bdfdc8', + 'evidenceId': 'evidence-d90af0ddde1e6e008552129c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'gestor_operacionalNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.gestor_operacional.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '61255324537dad05c17ea8a749063ca24522fceeb2b2e581136927725a048304', + 'sourceRecordsHash': 'e08e9d7c5ef7ba70959d2f313dec80010dfc933f8b5968b387299e6056b3f415', + 'evidenceId': 'evidence-e08e9d7c5ef7ba70959d2f31', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.gestor_operacional.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3a14bf496cc1078a075cc8ac0c8b1fae126011fb723992467907bc9e5c954087', + 'sourceRecordsHash': 'a0cf5577842151f34cf24883b28a6cbd35122004121902bb0c519cfc44c1d304', + 'evidenceId': 'evidence-a0cf5577842151f34cf24883', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'gestor_operacionalNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.juridico.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2aee1a7934602713da88f5eb6a3ab447729e1fca90edb9b84448ca3b53665a7a', + 'sourceRecordsHash': 'dc9f6ccf80844bc8721c714ada2317cd6aacb0e5cd6be57f1b4f291be9569cc5', + 'evidenceId': 'evidence-dc9f6ccf80844bc8721c714a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'juridicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.juridico.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0e8cab4cf54f2707e7bb353d4ab06fd180ac3427062107959227475814fed3e6', + 'sourceRecordsHash': '824da85c88101f8f623a8e55f0ab3688d28870d265fd45a1b84e21a4bf7e0c98', + 'evidenceId': 'evidence-824da85c88101f8f623a8e55', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'juridicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.juridico.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0eb96c645782ddfeb53d6b10b5cd87db75a8d9d70fb67f4b147c98fbabd293be', + 'sourceRecordsHash': '3232ea78796077cb1b1fc18e6910631d72db90466afc069708c0935f3d8aa298', + 'evidenceId': 'evidence-3232ea78796077cb1b1fc18e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'juridicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.juridico.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '73ae253ac331f44ab12fb8c5a91700ed396466be3ac47af4918232a20ee0ed72', + 'sourceRecordsHash': '475db604c79db056c3e5c929ae950f8f178a3173c782aa5b1dcbb8c2c2885f93', + 'evidenceId': 'evidence-475db604c79db056c3e5c929', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'juridicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.juridico.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '95b4ba80cbfb1cc6a061a49cbf7964f677f4fd03c7c16728fd1a9bc8d04f0557', + 'sourceRecordsHash': 'fcbc4a44dfb49f4159b95fd2691400ae7d72e260ce662d02b2d63f5f261cee48', + 'evidenceId': 'evidence-fcbc4a44dfb49f4159b95fd2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'juridicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.planejamento_estrategico.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9968ce075c30d744ae5ec23338e88ac5e842e1344abcb4a2cb14bcd80dfabfe4', + 'sourceRecordsHash': 'fff1ccac685319cdf8bffbf681f0622b8d462ce11c6469c126b512cdff31e75e', + 'evidenceId': 'evidence-fff1ccac685319cdf8bffbf6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'planejamento_estrategicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b6562741ed6962fdfd05b3885d000c09d491f86ceba36d64175a738409722cab', + 'sourceRecordsHash': 'b499e2611c74801c59c3c400781ade33aa3abe22980aed8addc41afdcd459ad0', + 'evidenceId': 'evidence-b499e2611c74801c59c3c400', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.planejamento_estrategico.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f834f6ca3ed86c393c94b6880f66c8b211850512059cfcbccadf60e57f36c6fc', + 'sourceRecordsHash': 'd021810f3449196c500a4461a1191c6f576e4040efb58b095645d9ef9751b2b4', + 'evidenceId': 'evidence-d021810f3449196c500a4461', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'planejamento_estrategicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fb7d9eb99e39457890a8e151499b94a45330cd394d3ec300234659b105712365', + 'sourceRecordsHash': '54f32d27405cb76107af93984ddc1148fcb2fa6229687893bd1765a450df437d', + 'evidenceId': 'evidence-54f32d27405cb76107af9398', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e56a6874b9579090984a7cd5b9731fcec680698504cc41f85ccd4571ec4662ca', + 'sourceRecordsHash': '99f93b2c5c026440341a9defcdda10c50a3c069d0f8a3421285cc66debcc63cb', + 'evidenceId': 'evidence-99f93b2c5c026440341a9def', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.secretaria.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7bd56540fec188f1ebb72132f1b79c444134293263e7ca93e8c19f81319df003', + 'sourceRecordsHash': 'b6cf45b5966d4ef50ab4693a9aa6f2c9bab717a340d165312dc6b34cc6c545b1', + 'evidenceId': 'evidence-b6cf45b5966d4ef50ab4693a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'secretariaNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.secretaria.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '485637ecea37663ff0785d90bb46366858b1a4da03c18f8cb9e28b1d50dd101d', + 'sourceRecordsHash': '80bf0d845797a5f6daf0a15cfd27a5afa24fcf7ac5e5e5a0b4438bdfb3b126cc', + 'evidenceId': 'evidence-80bf0d845797a5f6daf0a15c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'secretariaNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.secretaria.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '051ed5abaddd2eef72fe82f62e74f9c5adbe348827e756950d6edb66da3768e0', + 'sourceRecordsHash': 'eecc3fcb8014ed3c4d6ce8ecf71621db60de7e6c2861ddadbbc7be3551434936', + 'evidenceId': 'evidence-eecc3fcb8014ed3c4d6ce8ec', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'secretariaNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.secretaria.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7d0d34ef87ab7817acea56d79ef5a3f2385e1b90f2ce01c14420d8413643047e', + 'sourceRecordsHash': 'de8683d64a31bf51f50c0c3adab871602bde0b1f79c85101e7b378b11e959d50', + 'evidenceId': 'evidence-de8683d64a31bf51f50c0c3a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'secretariaNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.secretaria.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '09e2bf7746d24efdf9ac5890fa420fd8a694d02b687c2d7af7f68278942ce0ed', + 'sourceRecordsHash': '5296d5ba394e8ab766e15f03b2fd07c6cbc27c7e6670c73c62479a77160c528e', + 'evidenceId': 'evidence-5296d5ba394e8ab766e15f03', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'secretariaNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.suporte.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'da1a22cbfdeb2dce253c9eaceec2f4a1bc5dbeb6e7caa8d64b7ee715a524e229', + 'sourceRecordsHash': 'b7c055d2958976df84d6e83be31cfd0696ae942c05afcdc2d900bc02ca8942a5', + 'evidenceId': 'evidence-b7c055d2958976df84d6e83b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'suporteNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.suporte.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '08071fe221c6b46e54bdde1665335d8b1e9ecacef0194c62502189bc4d917c2a', + 'sourceRecordsHash': '486670ba3e75b7a635a515f8ae353f853ec7e9b4ec28174caa4a437044fe823a', + 'evidenceId': 'evidence-486670ba3e75b7a635a515f8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'suporteNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.suporte.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '42564f113b24d53d65f30a1397476f92a8c774845974e7c2cbc72945ed703eb9', + 'sourceRecordsHash': 'ab7c1db1f7de211ebd03428af22adde8ad0eaf7b0f989da99f3886e193474b70', + 'evidenceId': 'evidence-ab7c1db1f7de211ebd03428a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'suporteNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.suporte.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ca653879320778785b5def25d846657dd46c4860daa895e659fedda00519d6e5', + 'sourceRecordsHash': '40ee418eea684a1366eada2401bd9ce7f3eec12c64602ec3fd1f8ce9c54fedf5', + 'evidenceId': 'evidence-40ee418eea684a1366eada24', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'suporteNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.suporte.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd3da5546e53b86abeb53bf29ee606a2fed00d286a3b47dd005d26896948e0850', + 'sourceRecordsHash': 'adcbc0389692e69e5bf594028b55b4d922449ce331a88dcccfb3f387001843a0', + 'evidenceId': 'evidence-adcbc0389692e69e5bf59402', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'suporteNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.tecnico.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d9bc4f5be7b90aaff306430cf25973dcc30904312d6a1e5d0aedf2eaedfc451', + 'sourceRecordsHash': '89479cca7c85ddb6e1859669efb162d201e85543896e1404e7b5a9a5a8e01081', + 'evidenceId': 'evidence-89479cca7c85ddb6e1859669', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'tecnicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.tecnico.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6a502b9650bf7a12ecee791de72cfa3ef5a333aafbe9e6d6699fdabc6aedc749', + 'sourceRecordsHash': '52579cebc040238f21659eb9542294d01b6a6ae9c4438c022a68663121f31035', + 'evidenceId': 'evidence-52579cebc040238f21659eb9', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'tecnicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.tecnico.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3da911bd04c7af334a4affea60d6ca487ff0a2bb4bcd1d05fd30497a2b734b98', + 'sourceRecordsHash': 'de76cd086d2bb8364ea1022492d6bd08ead1d2708614fae2995869c78a42cd7b', + 'evidenceId': 'evidence-de76cd086d2bb8364ea10224', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'tecnicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.tecnico.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e20054b16e19e9838048f0ccecfdaf1e88f92ad0731012345a374bbcc906615f', + 'sourceRecordsHash': '3fdbc3064f1840eb0528c4512e5aedc5ef2078a445b355707c800fbbbccb1d4a', + 'evidenceId': 'evidence-3fdbc3064f1840eb0528c451', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'tecnicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.tecnico.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '07a6fcc51fd462c0275c57ad08b78185fd9bed8f48ea5faf39b63c136ee8b4f7', + 'sourceRecordsHash': 'addd8b65c3355261eceea2b0c74d42cab85e8a7206cc2d20c4c95734fbc8da77', + 'evidenceId': 'evidence-addd8b65c3355261eceea2b0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'tecnicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.usuario_final.acao.administration-route', + 'platformId': 'mcps', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3bd5236562cb04136fb55d20081eae195981c65fc9c9f44c9e4c8c29528d91ed', + 'sourceRecordsHash': 'c7e83904604f2c94d15712931f4bd737b59a8dac344e3e37c94c7f9f124e359a', + 'evidenceId': 'evidence-c7e83904604f2c94d1571293', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'usuario_finalNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para mcps/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para mcps/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.usuario_final.auditoria.administration-route', + 'platformId': 'mcps', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8a013fe9f4be06bc2ba6216471df26053e12c4be77e5ca2d96ea58c4bf2490e6', + 'sourceRecordsHash': '5f036419dc3080297d026fdbaaeaf8bf6c844d1db0f0faa77527543caac8660f', + 'evidenceId': 'evidence-5f036419dc3080297d026fdb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'usuario_finalNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para mcps/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para mcps/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.usuario_final.consulta.administration-route', + 'platformId': 'mcps', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '349825be0891d9d9722f0a8c979ee5744fbf59171328a62af2b677d6ee1a6bb0', + 'sourceRecordsHash': 'd0e4c8400a964edd67e5817c125d030e607c18a2138915d563264f2776f3b178', + 'evidenceId': 'evidence-d0e4c8400a964edd67e5817c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'usuario_finalNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para mcps/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para mcps/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.usuario_final.diagnostico.administration-route', + 'platformId': 'mcps', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5790ffac87de43ae7dc1efc00475968af647c7e659fa6b774cee57ffe2e013e9', + 'sourceRecordsHash': 'f7058ba3b7600deb33a6d2f2e45f7f4d4c677f4ff25039b1e69efa1069108a2b', + 'evidenceId': 'evidence-f7058ba3b7600deb33a6d2f2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'usuario_finalNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para mcps/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para mcps/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'mcps.usuario_final.explicacao.administration-route', + 'platformId': 'mcps', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '058e0bf084da7aaf4ac3da9ace1c5a867cf4b2b75d6af95a1aa0333a62c75bb0', + 'sourceRecordsHash': 'cda60200d392b2fb9b8edc164f4d7e255ba49c90f868d9923612edb23c7852e9', + 'evidenceId': 'evidence-cda60200d392b2fb9b8edc16', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'mcpsStatus', 'usuario_finalNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para mcps/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider mcps via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para mcps/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'platform_base.administrador_empresa.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1a7ff8451fd674f7a18c60b190acd5dda87588333459d9c095c4ed7380e145bc', + 'sourceRecordsHash': 'd1397e4817df5543ea22707eea508db1d93d30462e60cfae5048df80a58e5eb1', + 'evidenceId': 'evidence-d1397e4817df5543ea22707e', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'administrador_empresaNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.administrador_empresa.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '43702a7915cf4c1cd822a5cf556a626d40655d6ea41afb049cfdd0348eb4b1a5', + 'sourceRecordsHash': 'e7f1ba3ff550869e85e155d41f5b851fac12e9d48c53d608e4e38f47dbb8a352', + 'evidenceId': 'evidence-e7f1ba3ff550869e85e155d4', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'administrador_empresaNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.administrador_empresa.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c9807c75c9a23300d7fbc679914d51b7225b3b6f92d9f4af0527be5fd009cdfa', + 'sourceRecordsHash': 'f85dac8479e3aa279531b2bd86194a498bdb71eca01520c886b7344951e1426c', + 'evidenceId': 'evidence-f85dac8479e3aa279531b2bd', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'administrador_empresaNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.administrador_empresa.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '35a7ecf97d0fd5471eb317c25e6bf09c9d5ae49e08f6f4afc115c20b17f8ac64', + 'sourceRecordsHash': '4da4c177a9643e83a9079785a4937b8d8666ed235f922f02aa39c74516e69494', + 'evidenceId': 'evidence-4da4c177a9643e83a9079785', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'administrador_empresaNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.administrador_empresa.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0cf72c5dfdf185a18ce0cdda38dc43749f96c982e352c02276e1ee01d3ba5dd6', + 'sourceRecordsHash': '29528d931a83f0056e86c406825a53d853e0c66953b33adadb57bb6ff69b152d', + 'evidenceId': 'evidence-29528d931a83f0056e86c406', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'administrador_empresaNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.atendimento_cliente.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '800b6d42c5f9a616a73038b63a8906b5956181ede94725d7015d492c107b0285', + 'sourceRecordsHash': '98fa40d2123bf9c4b5590355906f939e480fdf3c4aae890768368968e2eed885', + 'evidenceId': 'evidence-98fa40d2123bf9c4b5590355', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'atendimento_clienteNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.atendimento_cliente.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bfdf17ae73bd96fb03eea08ec22c8f66a5f260847d4c8b773c52b30c737d3fe7', + 'sourceRecordsHash': '3da416f3038c3a50e43db3cae9aaa2b8dda4c1bccec8c3412d0e2d2f495acfed', + 'evidenceId': 'evidence-3da416f3038c3a50e43db3ca', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'atendimento_clienteNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.atendimento_cliente.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1a50bddc04ce1f97f780d63ea1dc19741a22289593003038eab7882b098f14c5', + 'sourceRecordsHash': '48377a153f7d12bdcc36665d95e9ac1b974ecdc5663b0bfe272009bc433eba90', + 'evidenceId': 'evidence-48377a153f7d12bdcc36665d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'atendimento_clienteNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1ec20af4ed4b527316521bde4fae99a447283f54629ddf0ef7e86f7ae317a07c', + 'sourceRecordsHash': 'af0d93011df3e5c96757524d6ef700c0cd20773e441be68c9fe5937abd206892', + 'evidenceId': 'evidence-af0d93011df3e5c96757524d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.atendimento_cliente.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '35791074a06ca2d7e6833f1aec6bdfde9d8e16985ac1e4486ee774b25298bbb3', + 'sourceRecordsHash': '04c88fef522e7a71f1ca007b88f291d334eb4d730d8010613b854c931795116f', + 'evidenceId': 'evidence-04c88fef522e7a71f1ca007b', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'atendimento_clienteNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.ceo.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '55831a7fce2d6ea671e802bbe5e87da630281b7b18f163274720a65980d15562', + 'sourceRecordsHash': '3a26509e3767c56a6df5c3aca196ece31f71af869408859f0ab800b9f635ec3b', + 'evidenceId': 'evidence-3a26509e3767c56a6df5c3ac', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'ceoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.ceo.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd016d1fa4debc4c052d22e88f12f316256a59ba3b19db091dd7dbb8d9b0436a5', + 'sourceRecordsHash': 'cca2797590077f8349d24bd5985c29ae9a98386c7cdb6f72c356043219d09c67', + 'evidenceId': 'evidence-cca2797590077f8349d24bd5', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'ceoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.ceo.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '93111066866859b26c3efd6a2a61c293ed832c4f11ffbe0ea2b098d82d93759a', + 'sourceRecordsHash': 'c16738d63fad330503d2ab124f14ce0d81163945fc7eda1b60fe52dfb6a30b20', + 'evidenceId': 'evidence-c16738d63fad330503d2ab12', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'ceoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.ceo.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '694fd8e98c0362450253b38af70c42ac164a6c1dce75eebeebf0ef2a1cac8e4b', + 'sourceRecordsHash': '0bcf2c11f1255724212fb16d569cbb51854f55c7a19061f75008c9d8de516548', + 'evidenceId': 'evidence-0bcf2c11f1255724212fb16d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'ceoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.ceo.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'adcfb3e46a9d2faf1cfebf53aa434a445921eae106f4e471c17476ba153c6238', + 'sourceRecordsHash': '28ee3572f27c330f2e49afa0f641d86fc8fd2af7ee6292bb9139ac5b3606f459', + 'evidenceId': 'evidence-28ee3572f27c330f2e49afa0', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'ceoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.cliente_externo.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '182f6072c7b1cb681ea5a541ec29a5faa5f32860f32dffcf16efa4556ee34a29', + 'sourceRecordsHash': '1542d41b83c5fb01d28535ab73f5f82e258e1bef69487bdd5bde19cf51e08356', + 'evidenceId': 'evidence-1542d41b83c5fb01d28535ab', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'cliente_externoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.cliente_externo.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd7ff99e890d447ab8f2f585bd22711f1860293a79a78a453a7130c3f477064f6', + 'sourceRecordsHash': '5a473c36e08a6c8555cc80cd177e56e0d1285b16136c48f4b0d31f4655adf404', + 'evidenceId': 'evidence-5a473c36e08a6c8555cc80cd', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'cliente_externoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.cliente_externo.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9123c02af00b723e4a3013ad37cbe9630a6af3d7e01abbbe209785308dd5758d', + 'sourceRecordsHash': '7fd0b5bcf0748924edbf11f5569c4a30c3bc4339988b371cba9bf4a95f91b997', + 'evidenceId': 'evidence-7fd0b5bcf0748924edbf11f5', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'cliente_externoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.cliente_externo.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9c1017f8b4c09528293e12006e20443ec06706d0b50774c1495a2e98c0809f47', + 'sourceRecordsHash': 'cd79e691cbfefba35e6eaed80b99c316cae5075575b16196a602ac9d77095e0a', + 'evidenceId': 'evidence-cd79e691cbfefba35e6eaed8', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'cliente_externoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.cliente_externo.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd40989cfc00bd66348105503592efc28b8e107fe5066d3fe7fa70588ee8bc00c', + 'sourceRecordsHash': '5b5ec4ae249b07b2114f0b3fbf2caa29f5fb32b3273f1d6daa5848109f6e6c20', + 'evidenceId': 'evidence-5b5ec4ae249b07b2114f0b3f', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'cliente_externoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.contador.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a481a6e823dbf2e709b412e6cd0e222554af12d4186b6f8cb4d01c672e2cb227', + 'sourceRecordsHash': 'dcbbb3d1d458d04cee4a5668684008cf6d5b9a27f309d92770aa92478f274a8b', + 'evidenceId': 'evidence-dcbbb3d1d458d04cee4a5668', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'contadorNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.contador.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3e37c1384c65387a180991a862d39ef84c0bcd19cd2dbc425d18c2d01a9d84d2', + 'sourceRecordsHash': '3d4d3f6e880ed8b9c19be93ae4111900fb805fb1a0956601da212ffbe1f92da0', + 'evidenceId': 'evidence-3d4d3f6e880ed8b9c19be93a', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'contadorNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.contador.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4b0b7d9ccea30a9b3ac3262a52d102c3867a6a4a54020e3318d4e7f54e4f9a3f', + 'sourceRecordsHash': '3d6a1724f1500bc6edb20f3d142936848861f8351a8d355c7a8dc1d31b9033e8', + 'evidenceId': 'evidence-3d6a1724f1500bc6edb20f3d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'contadorNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.contador.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ae6d1abc87abe63f54800927a27f178674434f411166de924e9ceefa5619b110', + 'sourceRecordsHash': '3e06b6c028c575fae54da2e549e7dc4f29a3f8c6f1f1564c0e94a72f59532d3a', + 'evidenceId': 'evidence-3e06b6c028c575fae54da2e5', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'contadorNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.contador.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '06117f7b1ebd9735e73f265281f07147a7d7f9eb58b5c0d711402cb4e081223c', + 'sourceRecordsHash': '670e29a7ed61c62814cf2aca7caf895ec90c9047bb9e8e94bc3bcd59fe914fd7', + 'evidenceId': 'evidence-670e29a7ed61c62814cf2aca', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'contadorNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.financeiro.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '128a7c8978639811c27976c47babddb55003a9a14adfd83c2c83b7e4b01fc4fb', + 'sourceRecordsHash': 'b665fefe8dc6445658c2d64ba7e3ac47bbb3746ecadf9657d410769b727ec89e', + 'evidenceId': 'evidence-b665fefe8dc6445658c2d64b', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'financeiroNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.financeiro.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5ccb9bca0b4c08e2e5c225c0a51bcc7fa6338343b4d60480664b89a0a2afd7e0', + 'sourceRecordsHash': '7466ad9e0e433c2f63afb9a0521a386273a89e22acc8bc9abb7bdb0e27d45ff7', + 'evidenceId': 'evidence-7466ad9e0e433c2f63afb9a0', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'financeiroNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.financeiro.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a57da1c67812c5d20190d1e20e939fcc11334391292ee0d98702824fb15acfcd', + 'sourceRecordsHash': '31749edfb6f3516eab893c344cacb2d67e49c67f38952ab04a83f66f20df2584', + 'evidenceId': 'evidence-31749edfb6f3516eab893c34', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'financeiroNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.financeiro.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b167c6b1694743255052d1e4251ae99d84bb27d43ae68e7fc36a2365cea59e79', + 'sourceRecordsHash': '41c0d274634355757352400ad52baacd3cd1de57b235289f7c0967811538c16a', + 'evidenceId': 'evidence-41c0d274634355757352400a', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'financeiroNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.financeiro.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dfaa33bd584927e3252685c5c673d2b34b5b338ea5e370d8739ce9b451042e56', + 'sourceRecordsHash': '10ff2da799ff5c16cfd994bab8e57a18c851df16a38d4e392d479fce70f20c7b', + 'evidenceId': 'evidence-10ff2da799ff5c16cfd994ba', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'financeiroNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.gestor_operacional.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0a8bbc38c07f01f21a2ffee950a91d50a133e8d09e823ce698e008f6f10621cd', + 'sourceRecordsHash': '417d43e7fcb7fac830afd00829c062ed6e1b0c34a0f88f08a0fc09e68afa5414', + 'evidenceId': 'evidence-417d43e7fcb7fac830afd008', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'gestor_operacionalNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.gestor_operacional.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2a478bcd2545ef35ef8577fa3b70d31494611f8c65c0ad53ca6254bcbc5c047f', + 'sourceRecordsHash': '97727869fea4537a904058aca019b110b85c9a5cbbd9c52b81f13c448a048726', + 'evidenceId': 'evidence-97727869fea4537a904058ac', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'gestor_operacionalNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.gestor_operacional.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3032967ded2f539bdc4702fb99ad48f4a0912a1c07c57bb638edd749eec9f188', + 'sourceRecordsHash': '9d2d8f823bbc0aee39265efcdc0c8f6d742ecf3783cede251b3ee184e988a5c2', + 'evidenceId': 'evidence-9d2d8f823bbc0aee39265efc', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'gestor_operacionalNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.gestor_operacional.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '54cf2493f9548e7b749319a89bb508ab38a29cc8a8ee1abdcc9ca738dac093cb', + 'sourceRecordsHash': 'c2b03d99ddd1d9cd8bb380d3ebaf4a7dfcd27b176154ce5e53948bdcee9be622', + 'evidenceId': 'evidence-c2b03d99ddd1d9cd8bb380d3', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.gestor_operacional.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2efda0fb5f9888d2b60367e3e7955d19a749b24dfe122cf5ce5da6a7cd5f351b', + 'sourceRecordsHash': 'c3ba59d0ba4b9c13dbedf3a3410a616c2ca62e665f1dda0b5656d447b269ab74', + 'evidenceId': 'evidence-c3ba59d0ba4b9c13dbedf3a3', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'gestor_operacionalNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.juridico.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0afe7793c61fbcaff0a59594e13a0f1291756590fc899ff50e531f0c250aa845', + 'sourceRecordsHash': '132bbdd0201390ca2084d82b9dde0aef38320fd7454abc758b3c3123998e2d38', + 'evidenceId': 'evidence-132bbdd0201390ca2084d82b', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'juridicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.juridico.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b69a74d30024ae12d8df806056488fbb8edeec8ad32c3e3197e095491d06e784', + 'sourceRecordsHash': '8c2a6150e9be682dda9bb8774058062aaf82d96ce826c44f9c4930f7e1c2e97d', + 'evidenceId': 'evidence-8c2a6150e9be682dda9bb877', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'juridicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.juridico.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '78eff3071ed21b2ed9df16a6d40f3ea26410006d8408d8379adeabb4840dec93', + 'sourceRecordsHash': '73a7c837d50dd14f39eb039a52f94584fbad8cc2ae8beda1e8a92aa978e03003', + 'evidenceId': 'evidence-73a7c837d50dd14f39eb039a', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'juridicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.juridico.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '29bf04abf29ee0f361c5f312cd461028e3f64be8df0eecdf8e3f8b8029b04ee4', + 'sourceRecordsHash': 'f38163ace7ba6e275eb6943d1c7c719c6cfadecbebce832973c4a07162dcc7a0', + 'evidenceId': 'evidence-f38163ace7ba6e275eb6943d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'juridicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.juridico.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '65b8848d2ecf5f8cc05f15614b986d9f792d6feb8c95fc996a606e5ee6ed573d', + 'sourceRecordsHash': '73a2e0684d60d242176da6e2a47e141858c100a75d018d7685d186b0be082e5d', + 'evidenceId': 'evidence-73a2e0684d60d242176da6e2', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'juridicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.planejamento_estrategico.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '644cd8416792217b62450a158ef5337276b9b94c4d80c84c6d5aeb75a7451e3e', + 'sourceRecordsHash': '6fc0d1cc9664d132f2f6250545d39544f01d0ae8edc6b2ffc6068ca332a6cc74', + 'evidenceId': 'evidence-6fc0d1cc9664d132f2f62505', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'planejamento_estrategicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '99eea319bb8174762626a58d5e126036c9c43dc7f9f9400a2176cb59247c0adb', + 'sourceRecordsHash': '9e2e61aca36885973fca3b2765d5b2a86a64fc68b3a2863dacde05ec2f5498ea', + 'evidenceId': 'evidence-9e2e61aca36885973fca3b27', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.planejamento_estrategico.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6a8e71cc5ca02cb58596bc8f004f07d8516fdd361c315298cc7f69681b8d39b2', + 'sourceRecordsHash': 'de5cce41812b1674bf6113bf4c3c1b572eeb73e4d217cb6308e3c2c5c584e5c1', + 'evidenceId': 'evidence-de5cce41812b1674bf6113bf', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'planejamento_estrategicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9235c6f77492f14961579d7f9fcfa13209d0c2e45ea5ecdda84f80bfdb5c15e8', + 'sourceRecordsHash': '91ea08d8d52bd1c9b4bac5fbfa2189b40596c9926ac38b09b58b75bc89c51c66', + 'evidenceId': 'evidence-91ea08d8d52bd1c9b4bac5fb', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6c2bb898cfe8e807d50fa9a907df7b81549c19c164c02c3fbdf90fd258d6f071', + 'sourceRecordsHash': '9c7d29f9efeed9b7044652950aefe22ea4537605e5c6402a86b96ad6b63bd805', + 'evidenceId': 'evidence-9c7d29f9efeed9b704465295', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.secretaria.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '24e77b60c4491c24577ccc2ad4afce0c161db7efeb3070abc793cb96677b0be4', + 'sourceRecordsHash': '364c95a5ea33639ac5ab1e159cc06de2574bd39e4171f856cd1963df133bf3be', + 'evidenceId': 'evidence-364c95a5ea33639ac5ab1e15', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'secretariaNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.secretaria.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '551ddc331cef591f312a721b7f5f218c2579c447106d717370859180100a6757', + 'sourceRecordsHash': '4a2b72b6abff354417312d91ffdb68f4589c4cedbb6d88406dc38cc4f2ae980c', + 'evidenceId': 'evidence-4a2b72b6abff354417312d91', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'secretariaNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.secretaria.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ad244b0b0d239cc9d517d1fc40701d96785e6c92754198149dc51ba44d9ed068', + 'sourceRecordsHash': 'd47022ffd52edc4e808d2bbb311835982e6a60af7eb6e38e08259d03cc75e9cf', + 'evidenceId': 'evidence-d47022ffd52edc4e808d2bbb', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'secretariaNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.secretaria.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ceaf300794dbc2d95da8a50aa49363f692c5aa0f72906d61926724bb8c95efb3', + 'sourceRecordsHash': 'd210758a0bb60cc8cc1ed4cc400ca0c0e8c56e13d3696a5fbdd1a3da6c98a2cd', + 'evidenceId': 'evidence-d210758a0bb60cc8cc1ed4cc', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'secretariaNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.secretaria.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a652686b59d0a84b11a46663432bf5e6381af356d5aae5262b1768844db0c3f3', + 'sourceRecordsHash': 'b83ed6d75faa838b34a584d05394afbc2940bbde4410e0c2da094a70604b4538', + 'evidenceId': 'evidence-b83ed6d75faa838b34a584d0', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'secretariaNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.suporte.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8417da06255521728819bbb9d4e7e5d5c16c49f4c3b7b8aaa987ef61a42fec86', + 'sourceRecordsHash': 'fa573d8d6eb6e6305a1c5c02ac89e2d656f7879b3452545ddaa2b656a58895a0', + 'evidenceId': 'evidence-fa573d8d6eb6e6305a1c5c02', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'suporteNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.suporte.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '10c6886b343af32bfc6e01636852b064e1ea988cdd3a1246289ce8a798738de2', + 'sourceRecordsHash': '47a359703c3832f57e72ef117cb19bd17f4276a1287eabb23c9ebda659c9da17', + 'evidenceId': 'evidence-47a359703c3832f57e72ef11', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'suporteNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.suporte.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '03d84fdcfa2fbde36fcbaf333402bab7b704cb84b07fb0ddc5235cc1142f082d', + 'sourceRecordsHash': '2ac3a8f12230c256dfab68acea33cdf9c52bcb2cca3b6e442f4f4df4fefe0dc8', + 'evidenceId': 'evidence-2ac3a8f12230c256dfab68ac', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'suporteNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.suporte.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dd44cb98c239206d1d4858a239bc2da26131b91951884e2ace8bf30aad547d45', + 'sourceRecordsHash': 'e341afdf6a633711cac326415c6db8b68070d5e4a67ad65c1ad1f4649f34e52b', + 'evidenceId': 'evidence-e341afdf6a633711cac32641', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'suporteNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.suporte.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '91ecc8b6751530441266aa76a32f5e9910aba9d9654afb98fb0af5243ca34c2f', + 'sourceRecordsHash': '9a0d45054caab3ea3b3753781dba38fd513f35649e9ff238b74472b6f0c8aa38', + 'evidenceId': 'evidence-9a0d45054caab3ea3b375378', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'suporteNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.tecnico.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '459cd947d57de5978f8ebb2213c469b914e6054dfb3da7eb324f0bb3b525d893', + 'sourceRecordsHash': '3946eae3030540f5816a167d6bccbc77fb85b6a25f0f23ad66bc62ba0895e2ec', + 'evidenceId': 'evidence-3946eae3030540f5816a167d', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'tecnicoNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.tecnico.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dd82c878f36fe2ecdb7179f182f23e09e0764cef4087cd36bf3e30950678e4c5', + 'sourceRecordsHash': '04a9dcbdcf8424191745b6bb71f49f8e8a44ad52e6c445e3a001694afe415d07', + 'evidenceId': 'evidence-04a9dcbdcf8424191745b6bb', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'tecnicoNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.tecnico.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ec5066f1d6bd438fb355595fd4fac34aa931f22bb05b3a668923333c8f0e746c', + 'sourceRecordsHash': 'd644e71596667f455b9a18d74320ef0660dce7dcbe907a5110824785d56dbbb0', + 'evidenceId': 'evidence-d644e71596667f455b9a18d7', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'tecnicoNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.tecnico.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aa905aa16b9283af692bd899309dc941d8f570f9e867e4a1f0ac26a4f72332c7', + 'sourceRecordsHash': 'cc6f3afc2e5ab81f9dc1ab10b0d7635a98036ffdb23ddd635aacb4444ef3bd0a', + 'evidenceId': 'evidence-cc6f3afc2e5ab81f9dc1ab10', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'tecnicoNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.tecnico.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '826d5d154aa55ee7555a17bbaa9fc2d891281a016a40d27f048483e9cebcb259', + 'sourceRecordsHash': '13687fad9ed22fd2ecf77f9fb68ce2a6bef963b541a5eee50c6d57d59ba79838', + 'evidenceId': 'evidence-13687fad9ed22fd2ecf77f9f', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'tecnicoNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.usuario_final.acao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ec8ae11c7098dcb2e69ea1fef86f8858c0df50f99d7f1d737af49ca6e5675b20', + 'sourceRecordsHash': '620dd3db23cc3d828b699a020bba6f4e0ad0b2b9f7dcdaddd8c39d0af056863f', + 'evidenceId': 'evidence-620dd3db23cc3d828b699a02', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'usuario_finalNeed', 'acaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para platform_base/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para platform_base/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.usuario_final.auditoria.administration-route', + 'platformId': 'platform_base', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e9ac2f4491e4f0f8f329cf33af2472ada996c3efdba856bd71fdfab62ed57dbd', + 'sourceRecordsHash': 'd6bd394eb2b502f32d64803aa244ebe7082d253a3081730f26fddfad182aac7d', + 'evidenceId': 'evidence-d6bd394eb2b502f32d64803a', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'usuario_finalNeed', 'auditoriaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para platform_base/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para platform_base/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.usuario_final.consulta.administration-route', + 'platformId': 'platform_base', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '64158b44630375378ce7a050b703fee88c3b395d72a61bd6ce633b1bd4c61813', + 'sourceRecordsHash': '88841d254094f0f591c22de756727376ece1bf13cab4f1bd21c4fa0fcfa6c470', + 'evidenceId': 'evidence-88841d254094f0f591c22de7', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'usuario_finalNeed', 'consultaState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para platform_base/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para platform_base/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.usuario_final.diagnostico.administration-route', + 'platformId': 'platform_base', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0362b8deae561d2c3488349313ed25a0fc9f3d32118ce9cb91c09744d3a12d5c', + 'sourceRecordsHash': 'f54ed61e4b7aabea159c6c84b41db5601ecbe607d380eff9852d35e292901794', + 'evidenceId': 'evidence-f54ed61e4b7aabea159c6c84', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'usuario_finalNeed', 'diagnosticoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para platform_base/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para platform_base/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'platform_base.usuario_final.explicacao.administration-route', + 'platformId': 'platform_base', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9f9e957ef6b46c895c1d14afa40b8965c70e9c04702af753a94c76e5e5627ed9', + 'sourceRecordsHash': '58927bcd883440c2cdd325a1acf024a603305b0199246be6d066615d59177f1d', + 'evidenceId': 'evidence-58927bcd883440c2cdd325a1', + 'truthState': 'derived', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'platform_baseStatus', 'usuario_finalNeed', 'explicacaoState', 'governanceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para platform_base/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider platform_base via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para platform_base/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'public.administrador_empresa.acao.administration-route', + 'platformId': 'public', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '70c09fe92f6735dc05e2a78311afba28dd6b017e994babd4fc3e23bd518f1b87', + 'sourceRecordsHash': '38ad0b001299cdd0a3895e2479e43408918322317d4d0b7c916522ec94e2b6af', + 'evidenceId': 'evidence-38ad0b001299cdd0a3895e24', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'administrador_empresaNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.administrador_empresa.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4b2653068e23b6a29e73d1639495088efbc508a834b0bc955373c015ef4641ed', + 'sourceRecordsHash': 'fc6a9c96e0a1f828ada4d395b300a470fed5f2fbca56dae064f52a627f6d3855', + 'evidenceId': 'evidence-fc6a9c96e0a1f828ada4d395', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'administrador_empresaNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.administrador_empresa.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4321dc720718a64f7f2cfe35b7342c745248a0b7e206223aa3ff84eead9471e5', + 'sourceRecordsHash': '0897f64598cf9c942f25767ef368ebf3b1ca5758bf8e8e2c9d6c4c56a37a9da3', + 'evidenceId': 'evidence-0897f64598cf9c942f25767e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'administrador_empresaNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.administrador_empresa.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '864bed0f0aac064a2407a3d76f675f511ed1f65458d9e543f62d80d07a02a5dd', + 'sourceRecordsHash': 'f7f62bbd22252a0fd73b4b95928406aa7d6e8a58a694cf3c91457c9bfdc32326', + 'evidenceId': 'evidence-f7f62bbd22252a0fd73b4b95', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'administrador_empresaNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.administrador_empresa.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f794938b09429301541927a6b9da2134156088389165b23c7e241514553c0eab', + 'sourceRecordsHash': '4eaedbb70cc90cb7629105fe02cf3a01defa0110bde57f193657f476dd41e812', + 'evidenceId': 'evidence-4eaedbb70cc90cb7629105fe', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'administrador_empresaNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.atendimento_cliente.acao.administration-route', + 'platformId': 'public', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3dff693510f47612768ded29a57e05a85ed9b967a1a27388c142761dcf943336', + 'sourceRecordsHash': '230f99afbd0dcc741a527b53d32cd6909458204cfa8fd8d81a81dfe272ede02d', + 'evidenceId': 'evidence-230f99afbd0dcc741a527b53', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'atendimento_clienteNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.atendimento_cliente.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '75408efa7cbccb7426aeae963e136156bc2af79348c0a713b43dc68f42d8d36f', + 'sourceRecordsHash': 'fc1ea5c77be2b2a292986c8be1c42ad187a246be739effcb6a88452967628941', + 'evidenceId': 'evidence-fc1ea5c77be2b2a292986c8b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'atendimento_clienteNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.atendimento_cliente.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5002b519f466eae7a38daa109d715c9f8b379662138dc1abef545f86279a1c1c', + 'sourceRecordsHash': '94f70fdf431a7e5b9355f8bc5bf5ff386237fd9a8d4010f479c281544ee12264', + 'evidenceId': 'evidence-94f70fdf431a7e5b9355f8bc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'atendimento_clienteNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '980b21a4c4239e56ada15522a473272d62c7bd68a53c8c1c9b149e506cf3ec72', + 'sourceRecordsHash': '56f356b2010d816837f12f999fffbe0917206e0ab2a17586d99a98b41b64bb73', + 'evidenceId': 'evidence-56f356b2010d816837f12f99', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.atendimento_cliente.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a5ace276734dc5f4cc988caa3431791e68cff0c0da7896887c188897cbe5b4df', + 'sourceRecordsHash': '61fd0a2ca23c7f41d79ae51d344643da925b97f5d1fcb239e4635fc53b12307a', + 'evidenceId': 'evidence-61fd0a2ca23c7f41d79ae51d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'atendimento_clienteNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.ceo.acao.administration-route', + 'platformId': 'public', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '63404a723d53ef3c96af4ca6f634c6059bac085fb732b390118fba99a4f29a8d', + 'sourceRecordsHash': '9566bdb3a2222cb96e26f9ee3770832a42998697277bd258089bc1eedab9e746', + 'evidenceId': 'evidence-9566bdb3a2222cb96e26f9ee', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'ceoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.ceo.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'da7a3f45dbdc72678c8eeac829236ccc6b40d9ba13e1bc6044441406c91bb1f9', + 'sourceRecordsHash': '9d092c45bf3df2ca03bd8704fc081c7460f5bb6bfe06a0b7ab0849a5401c40da', + 'evidenceId': 'evidence-9d092c45bf3df2ca03bd8704', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'ceoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.ceo.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '413fd764c95c72ef7e38b60179e1d04011c8324a0783c83ac0a04565ae5b6030', + 'sourceRecordsHash': '87730be971111ba6befea3f6869fb1278feb87dde1070b9658590f07c54dbb05', + 'evidenceId': 'evidence-87730be971111ba6befea3f6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'ceoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.ceo.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fbda18b1bf6066cb134f85228a71b25a4b4f308b84956c2ba6884e7e11bbf7a2', + 'sourceRecordsHash': '4469eecaa81f0524f2647cc6f35c04a9f648bde8cf9fb80b6a06aeafe1a1028f', + 'evidenceId': 'evidence-4469eecaa81f0524f2647cc6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'ceoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.ceo.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '64d8e3fa236e91a6f53c052ae9543e7efdaf1387506a84c7165ae79f4372e84b', + 'sourceRecordsHash': '8ea3d1659b6908a507fdf3eb9856f82e1865f199e5f5c9d1200759e1628810a1', + 'evidenceId': 'evidence-8ea3d1659b6908a507fdf3eb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'ceoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.cliente_externo.acao.administration-route', + 'platformId': 'public', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d837307a9109c0d2e766be326b58d77cbd8fe4c624686d4a85100e5f3eed8ac', + 'sourceRecordsHash': 'bf11e5b6a4498f72394ae63b5549a46406663a403f94bb302fe000aeefa959e5', + 'evidenceId': 'evidence-bf11e5b6a4498f72394ae63b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'cliente_externoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.cliente_externo.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c0f0d51a3143390b51099c199f3548c3a38d73ebff6b0a5a997c89b928a5af75', + 'sourceRecordsHash': '816fd1f171186e7c92cdd0d0f266b65285ca562522bf68b675c6978b53c18399', + 'evidenceId': 'evidence-816fd1f171186e7c92cdd0d0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'cliente_externoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.cliente_externo.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '366e077c2f29643b2ee62e784b0f9fe93b1f1144a6356957b9f687581c792702', + 'sourceRecordsHash': '6ed5a774705440321f834fb805516f58a17be5f116ce0f0e828deff1abd50554', + 'evidenceId': 'evidence-6ed5a774705440321f834fb8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'cliente_externoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.cliente_externo.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8ef31b7b435e436fc6563519089a1b584679a9c09f440251685057061fd67b3d', + 'sourceRecordsHash': 'cbae58fd5eb64b1cf8a4514a8421b707d7c483fbed74470ad27b645d21fb4d20', + 'evidenceId': 'evidence-cbae58fd5eb64b1cf8a4514a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'cliente_externoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.cliente_externo.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '275ecdba52744718ac52244d0420253901c5a7b9e13d16af4c1e7dbf653ae90e', + 'sourceRecordsHash': '66fd904c37f80293f31793d5e8e3f2f59172052df4bc013f057c69b124d357af', + 'evidenceId': 'evidence-66fd904c37f80293f31793d5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'cliente_externoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.contador.acao.administration-route', + 'platformId': 'public', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '888a49d9d9d318b935b90848c1c6b9b9b8951e067a2de4adc6e9e21926d40ee5', + 'sourceRecordsHash': '1c715dbb06ac377a9a814c0a1d6a5ac1ed8f6d054fd592785e0f3af11a882ea8', + 'evidenceId': 'evidence-1c715dbb06ac377a9a814c0a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'contadorNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.contador.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dfae29f5d13a7f3062b232a9f5d29263c2e6e4c7697c9004fd22f2d54efaa810', + 'sourceRecordsHash': '71e8e922af011ca661844b3a6aeb7e2fec64fcdb20f7abfc00d5b3eee9b40e1b', + 'evidenceId': 'evidence-71e8e922af011ca661844b3a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'contadorNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.contador.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4493f488875357e296cfd0791b149a0dc6f844ba0b60eb5825226d6a8d1594e1', + 'sourceRecordsHash': '4e10ce9edda7cbc9cdaf9095a0efa8d3541f4ff529bc917c892794bb3df226e3', + 'evidenceId': 'evidence-4e10ce9edda7cbc9cdaf9095', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'contadorNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.contador.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '63f7ebf3a5c269af7ea871c9fb9d07971e27a4a7b0ee19850120374efbce2660', + 'sourceRecordsHash': 'c27e84bd7e73a64d358bf38af357c6923dd743f0263f23a9813507d306f5ddae', + 'evidenceId': 'evidence-c27e84bd7e73a64d358bf38a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'contadorNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.contador.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '65b9d7864dd48fb7e56327a14e6168fbfd1ff64d08398a7ee78ac199fa189f91', + 'sourceRecordsHash': 'c13249624a3ccb7341b78846e9b2af46609b5d0509b03b2e1412da0c802b8e86', + 'evidenceId': 'evidence-c13249624a3ccb7341b78846', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'contadorNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.financeiro.acao.administration-route', + 'platformId': 'public', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '53230a367d2f427622f89499b43463ec6f7b41f4a80eb30345f17fc3515248d2', + 'sourceRecordsHash': 'fca6ecaa1fcfa137261c19ebc655105bc8be8bc39efcd64c03284421ff84f0d8', + 'evidenceId': 'evidence-fca6ecaa1fcfa137261c19eb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'financeiroNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.financeiro.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '360979f07d0911452cdd19d6be90de32f479d9f93af1102ee945da7218a5c5ed', + 'sourceRecordsHash': 'fa67f95f46c0748ac9e6fd8e863b6f0995da5f189365b356a7975bb821603ecd', + 'evidenceId': 'evidence-fa67f95f46c0748ac9e6fd8e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'financeiroNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.financeiro.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '381a169a6c618ed5d442ad81d7efaa2ea114d37e19f89c0a6bc4bebd95a186df', + 'sourceRecordsHash': '7cb658e0061fd8141bbd171e37242edfd51588932160c00197134f9e5bab1353', + 'evidenceId': 'evidence-7cb658e0061fd8141bbd171e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'financeiroNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.financeiro.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1de163d818b4f5c57abf6ba8bb587f29c270f2d0091831517e17aaf6a1a2d896', + 'sourceRecordsHash': '4ba2121bb62277671373041bd516ba1f5ba178962aedbba82d6afdc4c854c161', + 'evidenceId': 'evidence-4ba2121bb62277671373041b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'financeiroNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.financeiro.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8096ed49ec1396beb78d95dafb5647e657e8e8a80f54b5d3dc2373fb7fc62917', + 'sourceRecordsHash': '730fbf5673c1bdc6970ec66c117dd75cae525f0de005bbf8a0c5a08f308a91b9', + 'evidenceId': 'evidence-730fbf5673c1bdc6970ec66c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'financeiroNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.gestor_operacional.acao.administration-route', + 'platformId': 'public', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fff76e33f61cb621103246da29fa7a104ae6c1fe0718c660232053f614d65e7d', + 'sourceRecordsHash': '1c6e54a0e1b5cfd94f4fed4218d38fef4a08c1092c91ed2dc98d7caa7eccc476', + 'evidenceId': 'evidence-1c6e54a0e1b5cfd94f4fed42', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'gestor_operacionalNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.gestor_operacional.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4986566cb7ad8250a369e2405f4694ab6c4d682b50cf2c3c17f85d2b57fe099b', + 'sourceRecordsHash': '2a110e5dfb732b6b87853d40065d5228498b68524642ddac69c3661b9dc58f20', + 'evidenceId': 'evidence-2a110e5dfb732b6b87853d40', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'gestor_operacionalNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.gestor_operacional.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e53ae1853bdd13d4273c70a1ed0906bec9ee89701eac01b8473e0b9638c7f970', + 'sourceRecordsHash': 'ff692492064c6ae37d45b8610351e201d4479bf693477cfba78ea2e21d768d4b', + 'evidenceId': 'evidence-ff692492064c6ae37d45b861', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'gestor_operacionalNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.gestor_operacional.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2d30ae45074d770fd4b3c2249f6fd62254be68fa5a304d6790bbc491e6f9df51', + 'sourceRecordsHash': 'ba85aa8ac5cdeff2da2ca4b65a0039d146d9321d1f98f5227d772afe65463522', + 'evidenceId': 'evidence-ba85aa8ac5cdeff2da2ca4b6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.gestor_operacional.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '26e1d3fbaeb2b17032e428a7e50fef0dda3e308ff5e9566feffa68c1176b1d1a', + 'sourceRecordsHash': 'fe2976e7ffda9b416ff9004a973a9b7e139dd79484180d3b45ff39857663bf30', + 'evidenceId': 'evidence-fe2976e7ffda9b416ff9004a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'gestor_operacionalNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.juridico.acao.administration-route', + 'platformId': 'public', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '49ba710109b2536118e00a2ae2c948629321818c8107b10be4b16fb9c1179fc4', + 'sourceRecordsHash': 'a9572c37dae928dc04a5b5e296a2a8a4471cbd48650b6b045a03a3d02e98d5fb', + 'evidenceId': 'evidence-a9572c37dae928dc04a5b5e2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'juridicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.juridico.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '078762a0afa92fbd37b927ccb8e4aef378b2f40c38ce80e6787f497feb5d182d', + 'sourceRecordsHash': '13f107a84bde2a940751a025dd6bf0c61920690731e9548fcd1c248144ca9179', + 'evidenceId': 'evidence-13f107a84bde2a940751a025', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'juridicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.juridico.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c7e5c74c4311ab7d9a2ebf436431ec5c2bd2ff83b1de0af1f59d18e44f9041ad', + 'sourceRecordsHash': '3ea300317e9980ac854f6832f10a814bd272f492381f07e56a35b04be76fd8c1', + 'evidenceId': 'evidence-3ea300317e9980ac854f6832', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'juridicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.juridico.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3d3a4e569b425f94adc2777254f59f75852115614d388ab85ebdaa52ecd4b302', + 'sourceRecordsHash': '0168e9f0b9d118de035f435c97933e2ea0d127fc4aceb77254b7b349d1dc1ebd', + 'evidenceId': 'evidence-0168e9f0b9d118de035f435c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'juridicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.juridico.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6ec33673ce7069d8191b735a1ba6edcc43ea8be92c6ecb99abeeaf392a98effb', + 'sourceRecordsHash': 'eebbd28ffb8a987d430b89cf4eaa6b619cec3bf6236fd7e5d3188147e7c77ebf', + 'evidenceId': 'evidence-eebbd28ffb8a987d430b89cf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'juridicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.planejamento_estrategico.acao.administration-route', + 'platformId': 'public', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'da95dddec1ab03de25da42a8bfbfb2b46a47d49e2260b70ca678d4450a4f2185', + 'sourceRecordsHash': 'd04b833573d656a71ec26e58ccd72e93b57c2e9ebfccf2eb4063049f7c598506', + 'evidenceId': 'evidence-d04b833573d656a71ec26e58', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'planejamento_estrategicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '08e7c080c0bae7846e823c926cacd52a6522380de930791dad54cadc8acd6a99', + 'sourceRecordsHash': '45c51ed8fdd0477b74c2a0f69eec16539855b3a70745125341007ffebd5deb0f', + 'evidenceId': 'evidence-45c51ed8fdd0477b74c2a0f6', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.planejamento_estrategico.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '68cd2fad8eb4665001393700f6cc0d385576abd0b09066ffa483d694a5d2746f', + 'sourceRecordsHash': 'b9cbe387c4bbbcbfe2482e293d0aee6abe3ff328dbf54ca93eff368c60b958ec', + 'evidenceId': 'evidence-b9cbe387c4bbbcbfe2482e29', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'planejamento_estrategicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1f3bfe16778bbc951c8ff57107b39cff497f88d557ae4ae0ba26ae249af6127d', + 'sourceRecordsHash': '47489c60d1e69f88350c6b794093beac34c44d2e882db5e60e437e2fd768ffbb', + 'evidenceId': 'evidence-47489c60d1e69f88350c6b79', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9a9808491a9b7426788a93c37084fe03772471df82083f057d75c8152f908058', + 'sourceRecordsHash': '4463d2fa972a1ddb5d80fd795dcf8afd0915cafb3ccc69bbfdba8090c4e24ffd', + 'evidenceId': 'evidence-4463d2fa972a1ddb5d80fd79', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.secretaria.acao.administration-route', + 'platformId': 'public', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd0dcbbc16ca469178d06c3bd20e64d6ee456d79264105ac011f45ef05468cbd6', + 'sourceRecordsHash': 'd535086775a5109b3ab44c6b1dfe804855b139e1bf0d655fe3b5e735f0572e39', + 'evidenceId': 'evidence-d535086775a5109b3ab44c6b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'secretariaNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.secretaria.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '010b02542b90f592098be5d818a43b2020e5a5bb7cdd1df36f6210cddc3fb526', + 'sourceRecordsHash': '25246b31471c1e71dbd9e8a73dbbbd80c9e15cebd350d6dc5b498e10bac83a2c', + 'evidenceId': 'evidence-25246b31471c1e71dbd9e8a7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'secretariaNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.secretaria.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '235d7f1af458289569a0b4eb2d4ef563e7836a0fa9e08d2d979791637dfb3481', + 'sourceRecordsHash': 'af12a24a4d0ad6a86a2e5460e828c9121860a8a3f4f584367e4a46309c76e140', + 'evidenceId': 'evidence-af12a24a4d0ad6a86a2e5460', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'secretariaNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.secretaria.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e7fdb0ab5a2489785eb0fa62a2521d026435e971afd13c46e7714ed590d94004', + 'sourceRecordsHash': '4c8d69ed7ffff7e1798580905f7a5ca92da50ecf3e2e32cce848d6733e99bcb8', + 'evidenceId': 'evidence-4c8d69ed7ffff7e179858090', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'secretariaNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.secretaria.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '9bc32a484a045703848ba0dd613ce47c0f17a9f6ee8f340360f9bd393ddc852f', + 'sourceRecordsHash': 'a1c44badc8968abcd78bf3406eda99d29fcc5d5c3f8cc68e03fa1af3d2e6fd30', + 'evidenceId': 'evidence-a1c44badc8968abcd78bf340', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'secretariaNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.suporte.acao.administration-route', + 'platformId': 'public', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c70412660e7f4927468a561f2ec42e8f4d5460aecc20464ea1923875c7fed756', + 'sourceRecordsHash': '1b7ac7edfc0c36a89ce9f4193772d21dde5b4aa85586cd6b9f45e7b4f9916142', + 'evidenceId': 'evidence-1b7ac7edfc0c36a89ce9f419', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'suporteNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.suporte.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '619538438123090f0eff2d8d5c820138dab21ce2dc402fa4f4cb552b13efb72e', + 'sourceRecordsHash': '2d4daccd7553b55a9d5fc4c899f86e18e48fe59cfdf5af1d6dd4f7c563690e42', + 'evidenceId': 'evidence-2d4daccd7553b55a9d5fc4c8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'suporteNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.suporte.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5901eb525ddff266c105caebf274574f14b8d8159b416697ee4257d66fb24c64', + 'sourceRecordsHash': '626c9e82bc4bc38c5d7ec216e9a65039343fab5995b70ea7378c562a801875bf', + 'evidenceId': 'evidence-626c9e82bc4bc38c5d7ec216', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'suporteNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.suporte.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f72f4cb37b0d5ff5cd16ecf1bb03ab1ca94e99639cb45249b398918733bdbb64', + 'sourceRecordsHash': '4d68e540040751dfeb00029646d8a345350f3cf82da394fc409b91b309794782', + 'evidenceId': 'evidence-4d68e540040751dfeb000296', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'suporteNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.suporte.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '573a3facc0653b18c02c51b157cbe41f73d502e72a479410872a4248fad17b58', + 'sourceRecordsHash': 'a97b982b55b2155ae7628371a5f5c879d5d64aa54c28ee1e6aecc649edcc52c2', + 'evidenceId': 'evidence-a97b982b55b2155ae7628371', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'suporteNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.tecnico.acao.administration-route', + 'platformId': 'public', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c2f06c32a949282fb792e3dbe16407d674344f742bbceef2423475b2fea86c60', + 'sourceRecordsHash': '0b155e6c901bba3f772d55a863ab62ee1c016866a17f98262ed4ce10c7174509', + 'evidenceId': 'evidence-0b155e6c901bba3f772d55a8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'tecnicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.tecnico.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c2e1cd8f0b62bb1240c462bcaef0f927038e9859ecf39d936ce31ccf7a5ae4cd', + 'sourceRecordsHash': '73725264061aeed93ccbd02e6b0056fc7296799f6b13573b950865b4d99ae776', + 'evidenceId': 'evidence-73725264061aeed93ccbd02e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'tecnicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.tecnico.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '444f30c3060dafc720e17edbf2292475f735ed188fbc0f4e58cd7da266ba5871', + 'sourceRecordsHash': '6bd37868fc9a15837a8d75e5eb5558d6fbde8bb721e57609b8056aad5b75899e', + 'evidenceId': 'evidence-6bd37868fc9a15837a8d75e5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'tecnicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.tecnico.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '94f7e575f7bbe66ba0fcc278c2abc4b40206d0bdfb581a51ddf814605425fe25', + 'sourceRecordsHash': '131ddbb18706f5acb87255848caccfe00d2c6e6b64b982259a1c3615b2a7649c', + 'evidenceId': 'evidence-131ddbb18706f5acb8725584', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'tecnicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.tecnico.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd49f09e28e0563512c256e791de46e3a426f29e7add1e9bac357cd9503eda4ae', + 'sourceRecordsHash': '6429f33f2d5734026864c560ba291fe30ec63750e21a0b65870fc832fa2ee93b', + 'evidenceId': 'evidence-6429f33f2d5734026864c560', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'tecnicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.usuario_final.acao.administration-route', + 'platformId': 'public', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '36c83cf866bca1c10cbf35fe8284b4dc7e6fe21e9e774f1051cec821d0322492', + 'sourceRecordsHash': '536b13d24535ada15101eb352117b6c5983227d1a1072d726d58d8d1ad0e2b3c', + 'evidenceId': 'evidence-536b13d24535ada15101eb35', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'usuario_finalNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para public/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para public/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.usuario_final.auditoria.administration-route', + 'platformId': 'public', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '461dd49af3b5ae7a5f4cc7fcf3a5d0517c2c182f7fb1ffa191bcf884c8e0de77', + 'sourceRecordsHash': '8967a86e3a70ccc17223d7d4bd6a9da219ecad0219c8b6cdb82588c2430372b6', + 'evidenceId': 'evidence-8967a86e3a70ccc17223d7d4', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'usuario_finalNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para public/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para public/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.usuario_final.consulta.administration-route', + 'platformId': 'public', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '685d986f51f1028172a18ac1457fb7dca8ba05d3ca215bce660b2c1f2ddbfe94', + 'sourceRecordsHash': '7138eb3da2a65867274c4a8da52fb1806e165d84064122dad7af9e9cf71a1b6c', + 'evidenceId': 'evidence-7138eb3da2a65867274c4a8d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'usuario_finalNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para public/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para public/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.usuario_final.diagnostico.administration-route', + 'platformId': 'public', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aa3a01b3de6c6106d2b8d7158e120071183b8116a51838c72cda210a263d1e0c', + 'sourceRecordsHash': '601a5768cde734540f6d3cb4452f40fce85908b215410165c01ebb01420c8324', + 'evidenceId': 'evidence-601a5768cde734540f6d3cb4', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'usuario_finalNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para public/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para public/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'public.usuario_final.explicacao.administration-route', + 'platformId': 'public', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'da74980759f61f21861d1659b0f5de86faf452972121ea0aa6e02d6627df4adc', + 'sourceRecordsHash': '23ca64922a9da8632be0ff2191e8d92e8a6f6d2286902cd45f8782c355200842', + 'evidenceId': 'evidence-23ca64922a9da8632be0ff21', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'publicStatus', 'usuario_finalNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para public/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider public via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para public/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 8, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'stj.administrador_empresa.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f942b3479d2ea9868a787649cb55fc4f9c1a4be9d64e275819956be35e6dcdf2', + 'sourceRecordsHash': '4e0cfc003e1cabf6251d0030e092813043c107b403855132a0f61aadd37db3de', + 'evidenceId': 'evidence-4e0cfc003e1cabf6251d0030', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'administrador_empresaNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.administrador_empresa.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dd3de43418934c8d40eca49a55cc1a3dedc8ef24765e60e055aeabfbcc56f02d', + 'sourceRecordsHash': '77b01b5d2e0edaed11aef5ff3ce9d53a742ae91d79f9f09f9d4ddd711dbe6d63', + 'evidenceId': 'evidence-77b01b5d2e0edaed11aef5ff', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'administrador_empresaNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.administrador_empresa.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4f9e090ebeb9e0a29967552c759a5c2b835618a8c2a8cbea2cf160adc7ceb526', + 'sourceRecordsHash': '288d2d7101e9457a3f7bf0ec7f69d522020f5eb9b5115bee4a23845f802c8f9b', + 'evidenceId': 'evidence-288d2d7101e9457a3f7bf0ec', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'administrador_empresaNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.administrador_empresa.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b36a0a11d9d438e2600706d3859bec74216ec8ae37c6dd974c265c25ae1418ff', + 'sourceRecordsHash': 'a1af6896fc2e71f91ff4b8a3f4479d93cd8167f30e8c29fe2c8f271341b240d5', + 'evidenceId': 'evidence-a1af6896fc2e71f91ff4b8a3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'administrador_empresaNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.administrador_empresa.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd6aa11cd4ed0e5c3823525bc03bc4dc683d9904ec21b4a603206b0e20ecfce5c', + 'sourceRecordsHash': '6b85cfe4d922b86f042a9ffe075f87b80e597b35d4dbc89dab196016a122e9c9', + 'evidenceId': 'evidence-6b85cfe4d922b86f042a9ffe', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'administrador_empresaNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.atendimento_cliente.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4882816c48d7b482a299c8e6ca6e7e2e508988a572a79f34b2de0828e8ac57cf', + 'sourceRecordsHash': 'a18b1c6425ce27255b32fce5873510427ee347a93920a675b66e3137bca4503f', + 'evidenceId': 'evidence-a18b1c6425ce27255b32fce5', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'atendimento_clienteNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.atendimento_cliente.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4edb25c47e74f02fd8c495cbae82b603e6c524e2ca22e88bf1065758960b1f0e', + 'sourceRecordsHash': '669c52d358d44bd081f7912b211e232c75510cf8afa6d9255c15349096c0b6f4', + 'evidenceId': 'evidence-669c52d358d44bd081f7912b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'atendimento_clienteNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.atendimento_cliente.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1dcf7aa246900d75339011b49d8237e606d2b279d8022b7743179b12afbb8550', + 'sourceRecordsHash': '81f471ea333879874d44c710e14b9ac622fced4a03c47ae07bea6c5d9e515a49', + 'evidenceId': 'evidence-81f471ea333879874d44c710', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'atendimento_clienteNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '91175ff136d2ee9b1bc0f93485ba9a5effdb2fb937b586f11bb2ed1bb5c9d501', + 'sourceRecordsHash': 'd0a3b492bda2e137e2d539ccdfe9d38c614c2ae9910f2c209dad6e136b5f9e7c', + 'evidenceId': 'evidence-d0a3b492bda2e137e2d539cc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.atendimento_cliente.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a23c675e51d4039ea44cb009b8d67e78ff7e590cc47b06b27744cf31084d0043', + 'sourceRecordsHash': '6bea8f174837edf1ebedffb3355aa23cac10461d418a5e5a98e49eefaac45fb2', + 'evidenceId': 'evidence-6bea8f174837edf1ebedffb3', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'atendimento_clienteNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.ceo.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ae3e54ca290caa34502dc044c16312d3798fdc81886677a96bdb83b5f9a1b081', + 'sourceRecordsHash': 'dfa38d62c54b14873588322ec47eb064c2ada50f53f5cbc8468025e0e73c1015', + 'evidenceId': 'evidence-dfa38d62c54b14873588322e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'ceoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.ceo.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b68dc7911431e411192047beda06b2a4020cb894226693bc0745d61b6f4ad3e7', + 'sourceRecordsHash': 'ad32707acf1a4764020f329de6c31ef77bbf2f4a805e1a46f742180040d12a50', + 'evidenceId': 'evidence-ad32707acf1a4764020f329d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'ceoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.ceo.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '93df80dd0b073110a4d7f898519bf6c9d64e64979909e1bc59f2ee558bfe3000', + 'sourceRecordsHash': '42cfe0f3803bc873b21f9cfcdaa2ace1443cfe9fceef127b4dd4505cde7a8008', + 'evidenceId': 'evidence-42cfe0f3803bc873b21f9cfc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'ceoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.ceo.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6b1d23b618d3f2da674d0c49961ff15b80a49e9f401e296237ab3ba8efde7f68', + 'sourceRecordsHash': 'dd2129db81fc1fdf2c0d83f843b7e7429c98791a693b993c2d7b8558f5b6291d', + 'evidenceId': 'evidence-dd2129db81fc1fdf2c0d83f8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'ceoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.ceo.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '863c155e12542d971d161f82f00307755fceac273839b611f82f37edde5ef319', + 'sourceRecordsHash': '6fdf4a4863b4011e5a23f294ce7381c74d7db8c99a660fcc004ba04c675b28d1', + 'evidenceId': 'evidence-6fdf4a4863b4011e5a23f294', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'ceoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.cliente_externo.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3b713627d9be0fa92c4aab5eba12d1c6d8c7d80ef6aed43ed72e92cd1fc88854', + 'sourceRecordsHash': '0ac937cdd1f5c9336c631cdec7e1769f151a6f8da3a968fcafe67a765658242b', + 'evidenceId': 'evidence-0ac937cdd1f5c9336c631cde', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'cliente_externoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.cliente_externo.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'fa77d41cc8ff22292dd0ada13c3475e85bc6c4574017a0faa875f261a550eb6f', + 'sourceRecordsHash': '0689b028d265158d0ca61fe74da7f7ad445d7fc5957bb0e0c5d0669778bec305', + 'evidenceId': 'evidence-0689b028d265158d0ca61fe7', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'cliente_externoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.cliente_externo.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '677732d13b08ed0cf126895844719354a8f01783b08fefe966aefc9aa6493f71', + 'sourceRecordsHash': '9a711d03769aa20ed7fa11d9bd62f2f4255a0e7026807b6f8d53a99fef2a048a', + 'evidenceId': 'evidence-9a711d03769aa20ed7fa11d9', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'cliente_externoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.cliente_externo.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '559447c8fd6aadc1b027280cd656db945eabae4e8c90f94c2d0a75cb6bc9273e', + 'sourceRecordsHash': 'd4e14a224577c50f7273ccdc070922ebe5a86165716a9a58cb06b32d4c1d0aff', + 'evidenceId': 'evidence-d4e14a224577c50f7273ccdc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'cliente_externoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.cliente_externo.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aef766eb421c72afb216255c889b7fda28181788e1f3b0873d541847ca180f01', + 'sourceRecordsHash': 'cd9b450a69d6cfe7ce59f42ae9b4129c4cda084eb9954cffe9bd902365735d12', + 'evidenceId': 'evidence-cd9b450a69d6cfe7ce59f42a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'cliente_externoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.contador.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '660316de899817eda996d9b5597ec816a571d9e5e6168285121f17f734be45a6', + 'sourceRecordsHash': 'e186ce79de6625301f7b16f1b62062608e7c69e642f783024868d028fef8ac62', + 'evidenceId': 'evidence-e186ce79de6625301f7b16f1', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'contadorNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.contador.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '5a3190343fde406c989fb956360ed2d2136133037ca581a486d170cbe41cd601', + 'sourceRecordsHash': '47ade196bf0ccfc76ee2cb3cf5ecbdd1b46fe8b050e2b919cf88a06acd3d9a2c', + 'evidenceId': 'evidence-47ade196bf0ccfc76ee2cb3c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'contadorNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.contador.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a0199751ecf897e5b9d80c2ee87b511d6926a6358b9504ddb156542aa287e5a3', + 'sourceRecordsHash': '7005161bf67ac2f61a8efbe200b6405aa091009b1fbaa7f212403b6d13ae6508', + 'evidenceId': 'evidence-7005161bf67ac2f61a8efbe2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'contadorNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.contador.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2c8f82bd5fc97839f4bee6dda092d64f89fb784e8609f48142380ed267753763', + 'sourceRecordsHash': '0f833de0823eb3b3b731cf5b47c193d087cb8f997f2c7096a972efcb78d7e73c', + 'evidenceId': 'evidence-0f833de0823eb3b3b731cf5b', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'contadorNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.contador.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f83e9026e8dc69dc3b78fec8a5b49bcde22ce7b6c6cf136557809a56e4dea8e3', + 'sourceRecordsHash': '2fa7b7e80dd8807e70541f745e12f989cd397d202c1f3b34b46eb1ab12641fe9', + 'evidenceId': 'evidence-2fa7b7e80dd8807e70541f74', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'contadorNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.financeiro.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd93f1209945f4f06f21ccdd2080183b51a890fa1ecdf15e7b68ba3e6eb251373', + 'sourceRecordsHash': 'ff8677bd402f7ba374c88189c13ec8010b8c89756365a777e0fcbd95a1ab9222', + 'evidenceId': 'evidence-ff8677bd402f7ba374c88189', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'financeiroNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.financeiro.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8503054131c5e039b568b869df5073168f415661c4b4139057dbe8ed66e2cf03', + 'sourceRecordsHash': '7a01348301df92a66c028cdae0c18ba44b506fe2337aba9903a2ab7fdae6e305', + 'evidenceId': 'evidence-7a01348301df92a66c028cda', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'financeiroNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.financeiro.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f52704b3990729074dfd0717fdaab1f3478058ff9bec43068a3662e3d6d89656', + 'sourceRecordsHash': 'd0929af76b9cace0275146bedb0f9630eec3d8f478371791a8e70f34138bdbc5', + 'evidenceId': 'evidence-d0929af76b9cace0275146be', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'financeiroNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.financeiro.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ea9fa8ace0dcf4c723f4f7e63cbb21ab5b11b644af561595ad6da0892b65db1b', + 'sourceRecordsHash': '860d4b0c075982ddbe8c7f31b369da3b4a63c8a19e403bbab887771f31b0fb6c', + 'evidenceId': 'evidence-860d4b0c075982ddbe8c7f31', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'financeiroNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.financeiro.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3d37a9dd02aa3abcd05265229a1ed31c99ef24473fa96dd947725dde8c84a7ff', + 'sourceRecordsHash': '18cdbb5f40e56a2048258a7dc36478ef2242d6af89718fa24ec0448d06a0c2d9', + 'evidenceId': 'evidence-18cdbb5f40e56a2048258a7d', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'financeiroNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.gestor_operacional.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '627456df71148422e50365ffd5cced4d210da8ce2de4089297f49a59dd73acb5', + 'sourceRecordsHash': '2dfa8bab03a8922a4c75750f97a8759f759e13913c5a850cbbacfda65e327cf5', + 'evidenceId': 'evidence-2dfa8bab03a8922a4c75750f', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'gestor_operacionalNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.gestor_operacional.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '95899cfdb48af2523a893ac5dad9523e84d65b3d7b9ceab8ab5ef0742096881c', + 'sourceRecordsHash': '6db9b634827319486e4b25404dda9372f0cf0ff2c4a98f0e97baf8848bda2509', + 'evidenceId': 'evidence-6db9b634827319486e4b2540', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'gestor_operacionalNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.gestor_operacional.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3125cc04b65d093c53beb4f6fa8d36d625fdca64eaf3c10bb9435e4aca13c031', + 'sourceRecordsHash': '6b3d7b5db9a7a13ebc146185c5c9a3410ccf92559200caca74e620c04c23c2c3', + 'evidenceId': 'evidence-6b3d7b5db9a7a13ebc146185', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'gestor_operacionalNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.gestor_operacional.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f62aa8f7a39df78b8eceb892b636c7ac56ea435518852e4f2a6a06f748b96b7f', + 'sourceRecordsHash': 'ca70a23586930e81e8f3a3fb4f8991dd4f0635314661f61dcb68132436916180', + 'evidenceId': 'evidence-ca70a23586930e81e8f3a3fb', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.gestor_operacional.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7f0d3fd107a1ee5e0a0ce1416315a9196d7e6b8e6ec004bbcde6e429785c698c', + 'sourceRecordsHash': '85fd3f077cdeea901083b945220cce73e111eb5ea18baa465465c6ebf77b30ec', + 'evidenceId': 'evidence-85fd3f077cdeea901083b945', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'gestor_operacionalNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.juridico.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e6976faa482f37dad8313eb7945d73b431cb8bf9cf2858c05dc7fb7da6b6354e', + 'sourceRecordsHash': 'f5a75f04deb147138f6dc67e92cf21d9f02eefec88e3df0ea63fbbd4c155609d', + 'evidenceId': 'evidence-f5a75f04deb147138f6dc67e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'juridicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.juridico.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cd64fbae63648fde5af08a4578aa714b9a95ed35165e5535788997427025b9e6', + 'sourceRecordsHash': 'aa496f411fda525e152fc4c0a7016420fe9981d1497d58ed8b022d992529d7ab', + 'evidenceId': 'evidence-aa496f411fda525e152fc4c0', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'juridicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.juridico.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a0f8b381ecbd464cf1c75f7687ef0ca0904eb1e003884716442f6d5f85f796e3', + 'sourceRecordsHash': '8d35b07ebb898a699954a6e83d04ab53e9b76b17410335152cca5e2e88c4c821', + 'evidenceId': 'evidence-8d35b07ebb898a699954a6e8', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'juridicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.juridico.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '84b70498de51a0a8b93eacb9b82180b47a4499c361306a178855c89d102f944b', + 'sourceRecordsHash': '79f64e5e3d4dbf29e771b294c234c9aa6c45ba07c28bf4e689524478b7ebac8a', + 'evidenceId': 'evidence-79f64e5e3d4dbf29e771b294', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'juridicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.juridico.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'be25b653e33be1317fb6b347139f46f096128cdd49b71deb27adda66d4e4d361', + 'sourceRecordsHash': 'b04b77fce731f92088625cb216eff263615dd4dbec734e15a5e903df286866ae', + 'evidenceId': 'evidence-b04b77fce731f92088625cb2', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'juridicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.planejamento_estrategico.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '0f319e5ffe73884543d8a7c50f0b0fb3aaa949c55d56429be4e1f0e4cf3b0a1d', + 'sourceRecordsHash': '9200c612412130ec480c3d42a38a3bba5b1798564053c7c0b7e0d58866d3c041', + 'evidenceId': 'evidence-9200c612412130ec480c3d42', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'planejamento_estrategicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd8768f447d1397ddef8c2026794d8d0a06a4ab66bdc7f0b2ee5025c23b02a09d', + 'sourceRecordsHash': '6b5cf0ef7c6db89cf102209c6cbe8fbbed248a9f6350605d0fe75c0d4e204578', + 'evidenceId': 'evidence-6b5cf0ef7c6db89cf102209c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.planejamento_estrategico.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'de35c673bdfc2630048328ab8c26f2d68dc5fabe179068d06061bf14d11b43b1', + 'sourceRecordsHash': '53a05f50b30b97596a39d06e4baa45fd36153a9ebd0d24044c0db69688d8f087', + 'evidenceId': 'evidence-53a05f50b30b97596a39d06e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'planejamento_estrategicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4d8d38fee0cc91a6e496ad8a81815c9b42ff37466afed9b56d9c34379544517c', + 'sourceRecordsHash': 'f5548c0f6384242ea4db6f11a28c50012b0698d62e10d5d51386b09ec54cabd4', + 'evidenceId': 'evidence-f5548c0f6384242ea4db6f11', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '80125235efe4f0a420ea073b1546d86944249b761e4a4406c47c082bfa6af2c1', + 'sourceRecordsHash': 'b36cbb7bfccbb44738388b9719586d39dc2a6868c758dec2e6d7f1b0738934ec', + 'evidenceId': 'evidence-b36cbb7bfccbb44738388b97', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.secretaria.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7f56b9c4da303222895de2a4a94a4d175d5831bc7b501f5c7de21bd53234e604', + 'sourceRecordsHash': 'd2f53926bed354c0838ac27c7498118ecac4e0cce32e45d5ebbcdd0370cd5f3e', + 'evidenceId': 'evidence-d2f53926bed354c0838ac27c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'secretariaNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.secretaria.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '36d3577ad6a496e4108671d1f00b4d24792cef31365ccb6c70e8dad46df59875', + 'sourceRecordsHash': 'd8f8006ff6f70544d66a6820030d16adc297bd71de4b6e35ef5909d77c4be2d2', + 'evidenceId': 'evidence-d8f8006ff6f70544d66a6820', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'secretariaNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.secretaria.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd6bdc440412b0f74b41128113f83facb70305dad09ef295b8e1353ef07a4f923', + 'sourceRecordsHash': '28176dec003b02ff854ca19401bc68455aa4f4b01503f188f20bc3138a0a970e', + 'evidenceId': 'evidence-28176dec003b02ff854ca194', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'secretariaNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.secretaria.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bbf4e09973df4c4e54655245821cf5b36772561de2de9356d0433eee2f01e419', + 'sourceRecordsHash': '3c1e1125c8a16a7d04573526b9d19729fd762f013481dca5fedd4113b476df83', + 'evidenceId': 'evidence-3c1e1125c8a16a7d04573526', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'secretariaNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.secretaria.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8c158cc97165072ef2935c4f47c36bd5923c780f658183c7a4893256cf45f1c6', + 'sourceRecordsHash': 'bc1e47840cd352bf2ce3ffdc6f0f7b8503133dcf6abe36ccd4b600cb9567d118', + 'evidenceId': 'evidence-bc1e47840cd352bf2ce3ffdc', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'secretariaNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.suporte.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c79133cb8afd0e7caaa5625b2494dab233962b4e1e6a551d062301d25f6efbe4', + 'sourceRecordsHash': '9eb7113327d4856d4f2496bf6341d5c628d22db68d1d93d68d202cdde3a3ec2a', + 'evidenceId': 'evidence-9eb7113327d4856d4f2496bf', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'suporteNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.suporte.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '74b9a33da832c626dc06d4bcee58d72cc4fb715033766f841233794d51996bb5', + 'sourceRecordsHash': '9ec7ad461ebb4a4cc3fae863c0478b5e93a22f014541bff7953c3e927c08437d', + 'evidenceId': 'evidence-9ec7ad461ebb4a4cc3fae863', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'suporteNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.suporte.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2975f68a034fe87569f6e6b45f48cde33d0c566c62300c27d6f6d97c28cf4ff3', + 'sourceRecordsHash': 'c1bd663e9348826e92ec33443d105b8f186c8464e876414c11305884669b1997', + 'evidenceId': 'evidence-c1bd663e9348826e92ec3344', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'suporteNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.suporte.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '89fad6d73c229772980922b7a9f92e752c74f20cb6877685ac8b0d7d040bd861', + 'sourceRecordsHash': '8d7362e543b8905cd16cbe38d42fa30f6bd5a0d1149b23ecbe5ce51a2363d88d', + 'evidenceId': 'evidence-8d7362e543b8905cd16cbe38', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'suporteNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.suporte.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '710325b1242485b0c2bcce09eee171d3da0a3dc3637c7830e7e4ab00ffe241d4', + 'sourceRecordsHash': '3e349eb510a0f59f533fd696b8e3fc3a4f0a9828662e9fcbebf70cce1714411f', + 'evidenceId': 'evidence-3e349eb510a0f59f533fd696', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'suporteNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.tecnico.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1cd1245c6f35ff4b3fee87263c7cb64065c1ece56b1fa3aa1b8e9222cd9de5af', + 'sourceRecordsHash': 'd6bea2cf279d0337c35f5d40dbf915c53a4ccf0e39bdae894d458400b57c1136', + 'evidenceId': 'evidence-d6bea2cf279d0337c35f5d40', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'tecnicoNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.tecnico.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd4bc88f922e05d997a2c4d0189b1e44226c8fc45113e11f60b8098031fa20bc6', + 'sourceRecordsHash': '301f2d4ad7236df3fde1fa54a806c6138fbe11276d3c56445ddabc26c9af2b57', + 'evidenceId': 'evidence-301f2d4ad7236df3fde1fa54', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'tecnicoNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.tecnico.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '162587a4e3ff5ff6054fc2af44b28965172d37244504eceba3230a5da85f0070', + 'sourceRecordsHash': '2b12e9ebb344d2795d6a48327eb40367911b352b770ab1ef11f515caf8cfb003', + 'evidenceId': 'evidence-2b12e9ebb344d2795d6a4832', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'tecnicoNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.tecnico.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '84381237fd0dc95dbc7c8b025702e052c6b54761d4bc14bf479457f6ba8bd70d', + 'sourceRecordsHash': '7ca964e198c04aa193ac1a6ccd2099abfe1d9cac3faed7b2cd595b3bb988aeaf', + 'evidenceId': 'evidence-7ca964e198c04aa193ac1a6c', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'tecnicoNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.tecnico.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ba921efa97e0e74bce22d0b9a506545ba8c7664dceae7835e4b445c3da7127ab', + 'sourceRecordsHash': 'a7d5838e287c4942c30f3a8a019deb42c2416eefac612399b08be482f89bd883', + 'evidenceId': 'evidence-a7d5838e287c4942c30f3a8a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'tecnicoNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.usuario_final.acao.administration-route', + 'platformId': 'stj', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f9f005cf873e7ad9687c17510606ef82ad6cef403db9e1ace206b8fa66e38f9b', + 'sourceRecordsHash': '30043a4d69795de8d14b311e11eafd7295afd43f3c8e4d0cba0727f19c37e47b', + 'evidenceId': 'evidence-30043a4d69795de8d14b311e', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'usuario_finalNeed', 'acaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para stj/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para stj/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.usuario_final.auditoria.administration-route', + 'platformId': 'stj', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '40852849210700bde4219e117447d60656153b7e7da3750bb2b2fa3835e6d615', + 'sourceRecordsHash': '15e1f4603bc3badc78d20810bfd60ddb94e80a735e5375511381ac9d16ef9a91', + 'evidenceId': 'evidence-15e1f4603bc3badc78d20810', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'usuario_finalNeed', 'auditoriaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para stj/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para stj/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.usuario_final.consulta.administration-route', + 'platformId': 'stj', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '82cf4b1a4a492695fd66da59c11d14ff532b7c1d1cf877a3da3de39a27824755', + 'sourceRecordsHash': 'f04caf9756a62e39a382b15040f5b7804b4327de0ff65ad6fb10c03c93ac3deb', + 'evidenceId': 'evidence-f04caf9756a62e39a382b150', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'usuario_finalNeed', 'consultaState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para stj/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para stj/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.usuario_final.diagnostico.administration-route', + 'platformId': 'stj', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'cabe5e5f240ece6d64add3b363462c290c160a1329b32580e599fad236d4a936', + 'sourceRecordsHash': 'caecce7ff1779ac607198784ae3e2410a71680800aa055bac6574953f6fffa97', + 'evidenceId': 'evidence-caecce7ff1779ac607198784', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'usuario_finalNeed', 'diagnosticoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para stj/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para stj/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'stj.usuario_final.explicacao.administration-route', + 'platformId': 'stj', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1b6d35a0c63c48092d75268dd48e7b0734bbf20fec8ec870ae96fc5b24d377ef', + 'sourceRecordsHash': 'f6fa9feea864797c48fa953a876cfe5dd64b6c21e0013b21ab59057696e72784', + 'evidenceId': 'evidence-f6fa9feea864797c48fa953a', + 'truthState': 'response_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'stjStatus', 'usuario_finalNeed', 'explicacaoState', 'legalGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para stj/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider stj via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para stj/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 7, + 'status': 'partial', + 'blockerReasons': ('maturity_below_8',), + }, + { + 'routeId': 'ui.administrador_empresa.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'administrador_empresa', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f2d650fefdb03f5c2a6814be1442e799da2e8616123c15d75f7892343c4965e0', + 'sourceRecordsHash': 'acdd29b6dbc2bf21ec218165830b825c9e4e5117358dd36227b4b833acb888ed', + 'evidenceId': 'evidence-acdd29b6dbc2bf21ec218165', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'administrador_empresaNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.administrador_empresa.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'administrador_empresa', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e6390c975f788e8ab50df80a1ecfc53d4cdc215b89550e9ff2e9e70a36f34251', + 'sourceRecordsHash': 'a210a59407ffe78ee7afec96122f4c3ff77b6cfd2a526953c3f19e1769860d6a', + 'evidenceId': 'evidence-a210a59407ffe78ee7afec96', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'administrador_empresaNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.administrador_empresa.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'administrador_empresa', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2e69434298ce0c278d2d69dced5771f5a85bdc02ad308fd086dfc8c9af463163', + 'sourceRecordsHash': '69ebc5c0fdde786509642367e6e0fa858b7f8d47b1cd19ec90aab70fabcb909d', + 'evidenceId': 'evidence-69ebc5c0fdde786509642367', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'administrador_empresaNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.administrador_empresa.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'administrador_empresa', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e614176656ffcda6eef18a23bc2f3086aefec611855ccfc79e4e6b4e0a7dc16c', + 'sourceRecordsHash': 'd5b84a8f12f97b9f44f651953235b25c789f2052fc3e2a2d0f2f2bdb992b2d8c', + 'evidenceId': 'evidence-d5b84a8f12f97b9f44f65195', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'administrador_empresaNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.administrador_empresa.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'administrador_empresa', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3e787b5ba822af9c2279068599d41386a7839e3a00858810c570ba9b52b85343', + 'sourceRecordsHash': '1d7b3e228c181a4b4258ed4a128be071a6985f6ef00e7cbb2e0ccbaad18c3e70', + 'evidenceId': 'evidence-1d7b3e228c181a4b4258ed4a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'administrador_empresaNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/administrador_empresa exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/administrador_empresa', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.atendimento_cliente.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'atendimento_cliente', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '07cbb1fb2a619006e9976623bd4d02da0b4a8ce36c891b07b3d2273c4a6d4ca1', + 'sourceRecordsHash': '2922ec5ef3d693ac90e6bf243a0bc2033471dd4c162b0f1d22dd95d98efe0fcd', + 'evidenceId': 'evidence-2922ec5ef3d693ac90e6bf24', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'atendimento_clienteNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.atendimento_cliente.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'atendimento_cliente', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'abd625535a0624ebd750b6df4013c8c372c127f3e89cfcc5fc1a4be8d07ce78d', + 'sourceRecordsHash': 'd4ecdf56af2c2ce5f434d0d3bef4969e295d54cb39257580367738a2f1561105', + 'evidenceId': 'evidence-d4ecdf56af2c2ce5f434d0d3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'atendimento_clienteNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.atendimento_cliente.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'atendimento_cliente', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '4ea27bc9a761c52159d0842b97a201877000bed3b9e35c8ad9f99ab28826d99c', + 'sourceRecordsHash': '4c116aabf7abb9368dfa31446e88d21563829483e1986ff12e03721336140dd9', + 'evidenceId': 'evidence-4c116aabf7abb9368dfa3144', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'atendimento_clienteNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.atendimento_cliente.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'atendimento_cliente', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e2342fc6046297ce49a75c8058ae8f71c7c5ed98f50c9c8c58eace3794d9a175', + 'sourceRecordsHash': 'c5de490727201f52d253f875c37c38948f1f1cc1ecc54254c5a09906e706f9d8', + 'evidenceId': 'evidence-c5de490727201f52d253f875', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'atendimento_clienteNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.atendimento_cliente.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'atendimento_cliente', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '363dc38ab5b69db9acdca3988e5d0ecfaec17983e328d8207e10dfebdf62a827', + 'sourceRecordsHash': '32316a1899fb597300b35b9310d9f4cfc882e8f6b0db8d2397f4600226abff29', + 'evidenceId': 'evidence-32316a1899fb597300b35b93', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'atendimento_clienteNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/atendimento_cliente exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/atendimento_cliente', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.ceo.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'ceo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '45070e143dc266e90a139378155bd40d2157eece498e534688b50458cef072c2', + 'sourceRecordsHash': '543f874573af334d27d2f88033d12127c829130f38f926d675b8046bf0373f97', + 'evidenceId': 'evidence-543f874573af334d27d2f880', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'ceoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.ceo.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'ceo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1da080993a10da7968c13451ad13c5c12ee112dcdcc4df77a56b1a7fd2d941aa', + 'sourceRecordsHash': '141de56469a5f2c7bfd2ca4afea9843a70a189e1304e7f8c6c9114ae6a3573ba', + 'evidenceId': 'evidence-141de56469a5f2c7bfd2ca4a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'ceoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.ceo.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'ceo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3d0a712be3f8a4a9e81b1e372c634ee4227d37e92f4effbd339f098419540fc9', + 'sourceRecordsHash': 'b64e3df6cdfa9a2fc1d3673eaf4ce11e365ed1ebf9550c2b0ef6518c20189e0e', + 'evidenceId': 'evidence-b64e3df6cdfa9a2fc1d3673e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'ceoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.ceo.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'ceo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ed25307d5214d5e2847ab37515ae77512cb290152b6e59cad46bd71ab83e85dd', + 'sourceRecordsHash': '0377ad8216ef33b4f9fe7fd40aa15aef071b2a544d78f980fd551ca390f171e3', + 'evidenceId': 'evidence-0377ad8216ef33b4f9fe7fd4', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'ceoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.ceo.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'ceo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1fa32f4d86307fc0070f63400c391139eec683f1e34fa7d1ce471508807f062e', + 'sourceRecordsHash': '78a213be246b36c5c0159f7da6dec3d11f20cf636c296855f39f74b35f4015e1', + 'evidenceId': 'evidence-78a213be246b36c5c0159f7d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'ceoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/ceo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/ceo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.cliente_externo.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'cliente_externo', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'bd6c387d1d49744f48c565a102d5f515e36250c409095f6cb6a4a6b68c208d24', + 'sourceRecordsHash': '632c60276b35d32f7522298479676c4c5edae2a76020eaaf1408989b2caf6276', + 'evidenceId': 'evidence-632c60276b35d32f75222984', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'cliente_externoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.cliente_externo.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'cliente_externo', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6f856a2b3d971717031fe412b6abbbe9a62ec9ffb5594b7aea6ecc29b5a28f52', + 'sourceRecordsHash': 'aa9e0a295646bb65c8f6ac29360fac53319ac2f36e84da9096a357312ae4c4e5', + 'evidenceId': 'evidence-aa9e0a295646bb65c8f6ac29', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'cliente_externoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.cliente_externo.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'cliente_externo', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b78d62ee86dad4fa23beb74d9b49585f845307815656c131633f0ca3efa6b337', + 'sourceRecordsHash': 'c8094bb84b276fb3f281bc61e663ac3866d9f18c46dae755b599edfd7439728e', + 'evidenceId': 'evidence-c8094bb84b276fb3f281bc61', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'cliente_externoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.cliente_externo.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'cliente_externo', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '859f3c41ca61df77ef4d08cb105bd3e3636f248dd3547c7235db2a28ebdcae28', + 'sourceRecordsHash': '901df1c41a7007e6748f05eebef87bab31e230b33fa5b0c5744deb43c43a42dd', + 'evidenceId': 'evidence-901df1c41a7007e6748f05ee', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'cliente_externoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.cliente_externo.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'cliente_externo', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd1e329cfd0e8ee7176afa6f132c00a8c403f178ab7cc061929d70ae42c88a130', + 'sourceRecordsHash': 'd0dc75609ed1f5e71e89d20b11b2b6cbb8c885150bfba10874eefe25d05b0961', + 'evidenceId': 'evidence-d0dc75609ed1f5e71e89d20b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'cliente_externoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/cliente_externo exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/cliente_externo', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.contador.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'contador', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd8ce56fb58f2d16cc80a537418ff139788cf6053180130aac43bcf7667680640', + 'sourceRecordsHash': '7b2c4575cb7a81cb5dd41c5b6e089c66c037887906386d6d5ffd39aab7041316', + 'evidenceId': 'evidence-7b2c4575cb7a81cb5dd41c5b', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'contadorNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.contador.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'contador', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd9053790e41959cac1073338defd641ee638d0268800a527dc9685376b4315b1', + 'sourceRecordsHash': '34d38a3765c51b0d43bfd25a28ff9dd461dd24306ae83f3da64b12a452adaf2f', + 'evidenceId': 'evidence-34d38a3765c51b0d43bfd25a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'contadorNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.contador.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'contador', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2e0eeb28642da383f005f18931cee288cbcd27469d37609cd218ce6ce6eeaead', + 'sourceRecordsHash': 'ec45905b9434b0df89f685b846bf149bf60c7cd4dbd2d36b9d1a59e81e93017b', + 'evidenceId': 'evidence-ec45905b9434b0df89f685b8', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'contadorNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.contador.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'contador', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '27cb90194ae00af5a7d4a9fcaa1235fec5b51893bb8f85097bb3b17ca2956f75', + 'sourceRecordsHash': '55c938a85db15750833ccb4c6a13c77bdad9b3d24c05918d862e3dfc82edd959', + 'evidenceId': 'evidence-55c938a85db15750833ccb4c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'contadorNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.contador.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'contador', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ec77e95bf1ad11b479d02f28aa3afedb155f91d565338de5c9ce6773c451551b', + 'sourceRecordsHash': 'd1f32ecc684abb23b65c7fe283efce04b6d59d6d70e15aa1b6d6cc2109a2bbdf', + 'evidenceId': 'evidence-d1f32ecc684abb23b65c7fe2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'contadorNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/contador exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/contador', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.financeiro.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'financeiro', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '27f862c72e14bda30a5e30b5e96ae13913c475faacd65f3041a7b4dc08cf12eb', + 'sourceRecordsHash': '18c94b5f29de327e629c21ce1c510d33322c79b308ca139051d4fca3ff39c0f0', + 'evidenceId': 'evidence-18c94b5f29de327e629c21ce', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'financeiroNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.financeiro.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'financeiro', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '933ffc7072a9756d84154f1825f6b206c012428f474bcc8939fa9f3b396cafd1', + 'sourceRecordsHash': '8e4052839a650c99fcc2187e4485cec66b8e7c268b296005b65954f388fe74f0', + 'evidenceId': 'evidence-8e4052839a650c99fcc2187e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'financeiroNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.financeiro.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'financeiro', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '29ac7ac984a517e801c9e7afd9c01a789a45ef5385e6d79a71fe8d0fd8242b51', + 'sourceRecordsHash': 'be83c5c80dbb2c026792cf1a50e8e3431ad3f2a0500f23782c43605f92662955', + 'evidenceId': 'evidence-be83c5c80dbb2c026792cf1a', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'financeiroNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.financeiro.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'financeiro', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '459351675b91165a124be73f3c15950742f4100a88ccbd47eb19be07d72bf76b', + 'sourceRecordsHash': '56cbc34e03b46b259dd0de391987336979b6f433eb00049189ef84bf99a3bbcf', + 'evidenceId': 'evidence-56cbc34e03b46b259dd0de39', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'financeiroNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.financeiro.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'financeiro', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f6de98b49b13cc8dc36719d93cb0cd3e18e5cbc79fc01744428ae33c0d36f417', + 'sourceRecordsHash': 'aa312b7fdb4f61a7211093483d15a46ef03fdb0a4fd662778c8e827ed08edf6c', + 'evidenceId': 'evidence-aa312b7fdb4f61a721109348', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'financeiroNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/financeiro exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/financeiro', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.gestor_operacional.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'gestor_operacional', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '1ce39eff5fb7cbc1a4b28395d4548a209f0188a14b9291348b287b63bde3b942', + 'sourceRecordsHash': 'cc84c3fb5335f4070d2fa10e61542604d9cb69f8722e9db762e20acf941f3372', + 'evidenceId': 'evidence-cc84c3fb5335f4070d2fa10e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'gestor_operacionalNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.gestor_operacional.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'gestor_operacional', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e9eb372441c23d9d2652dbca4d804136d4c5667529d72094e962181c8890ce18', + 'sourceRecordsHash': '74683ce1c0cbdaed0b80500643ddd407df5bab7a74b3ea597c7b6c4ed3e3348f', + 'evidenceId': 'evidence-74683ce1c0cbdaed0b805006', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'gestor_operacionalNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.gestor_operacional.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'gestor_operacional', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '05a2cfa3bcbeae38effd976f0fee66e0898b07f8198252ee198858eb1ab7c428', + 'sourceRecordsHash': '7d29aab1b3777cc9c577b2c57b8f176893904f7ebf8720093e1587732e1fcee6', + 'evidenceId': 'evidence-7d29aab1b3777cc9c577b2c5', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'gestor_operacionalNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.gestor_operacional.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'gestor_operacional', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '708fa674329dcaf630d1e38f276f3f218dd4406aeceeaa5f27c1ab4c471dc5d5', + 'sourceRecordsHash': '340b6a63f57c2277eba5e047690772de4d5d2d7928ace279b460c28639c265ad', + 'evidenceId': 'evidence-340b6a63f57c2277eba5e047', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'gestor_operacionalNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.gestor_operacional.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'gestor_operacional', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'd0960f7b5c2f45e0c4bc29bf487220c6d7359ef3adfe242af121b70e2ab11092', + 'sourceRecordsHash': '74240ed62a3ca8782502f93254848e81f40449fdea3a5e422b2d6a33b365bcfd', + 'evidenceId': 'evidence-74240ed62a3ca8782502f932', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'gestor_operacionalNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/gestor_operacional exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/gestor_operacional', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.juridico.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'juridico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'b8ae12354916f081c1781cafb8253434a8d4e33bfac4f3f2c1afb9fb9b1799ae', + 'sourceRecordsHash': '8129871ba4ef409f63e9b9fbb9769a3f4e7166d08323b6b5611e539fe792d98a', + 'evidenceId': 'evidence-8129871ba4ef409f63e9b9fb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'juridicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.juridico.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'juridico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '2eead33a2847a06e4b3bcccc53e52675ee481b994c5a9b093d909e74263b79fd', + 'sourceRecordsHash': '3e64a93015984ab6d7b6570748efcee1fedc9081701056c135e6d2d72204c654', + 'evidenceId': 'evidence-3e64a93015984ab6d7b65707', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'juridicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.juridico.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'juridico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '126d6adcffa49d4b55627f48198671a55c484db46a962dd8cebed5e3bc647026', + 'sourceRecordsHash': '5e4b967cef24189521a9947970a8fa84e4cd546a0857474b52d3611c6d9f33f5', + 'evidenceId': 'evidence-5e4b967cef24189521a99479', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'juridicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.juridico.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'juridico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3fea696a635a1cfe854fe17fc6b91cd906f2274e7c1b6d1fcae77e1ffacc3ac8', + 'sourceRecordsHash': 'ed46059201484eec2b66af8986e528a01ea26ee9c9b2b4a80571c0b712bc2fb4', + 'evidenceId': 'evidence-ed46059201484eec2b66af89', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'juridicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.juridico.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'juridico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '3484f923cdfde312d5834a6a8163f1f0f336aa3ad666d0c5ffb8f6d264f07a45', + 'sourceRecordsHash': '73bbd570c956b75a7329622cbc3b10953546e3e60d1bd0759d7b11e91187bbd2', + 'evidenceId': 'evidence-73bbd570c956b75a7329622c', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'juridicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/juridico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/juridico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.planejamento_estrategico.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'planejamento_estrategico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '842013a76382755f9c9ad6e7e49d692eee06cad505b4bed8b029fe6b235964d9', + 'sourceRecordsHash': '814dd6fdba41f6aba98ff723b26306084f0502e64ac4cb5bd6cae02b14bff6c9', + 'evidenceId': 'evidence-814dd6fdba41f6aba98ff723', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'planejamento_estrategicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.planejamento_estrategico.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'planejamento_estrategico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '96468215ea12da49ef4ad5cf4d4777e38df2ef5c7d20daa2f81902b657f383e9', + 'sourceRecordsHash': '0647ffc4add4c70a99857095e1f617e7a7d872aace1c44a0f7fd4f845d0c7556', + 'evidenceId': 'evidence-0647ffc4add4c70a99857095', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'planejamento_estrategicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.planejamento_estrategico.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'planejamento_estrategico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '59ebee301dade1216e6119f03fa45caa0ee0864d25c0901dfd22fc8ddd228c4a', + 'sourceRecordsHash': '6ea3b3649b195a309ad4795de3a446706509983a0329593a48fb604da338d131', + 'evidenceId': 'evidence-6ea3b3649b195a309ad4795d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'planejamento_estrategicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.planejamento_estrategico.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'planejamento_estrategico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '846daa529eac3b1a9a89a026380825980f73e0551603edb499c1942b8b04f776', + 'sourceRecordsHash': '8f7c3d093932b44b804b445e41ffeb58330b68c91f3d2d1374846892a4f119d1', + 'evidenceId': 'evidence-8f7c3d093932b44b804b445e', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'planejamento_estrategicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.planejamento_estrategico.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'planejamento_estrategico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'dcdc33316582a3d5e60d37bef73c6688f3be117db391f1d441d1882e01d0de42', + 'sourceRecordsHash': '63f0909bc0360afca0d897494bbdf5aceba17454313d56b65f03242b55f51f82', + 'evidenceId': 'evidence-63f0909bc0360afca0d89749', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'planejamento_estrategicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/planejamento_estrategico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/planejamento_estrategico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.secretaria.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'secretaria', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '06b460986f6a97a743bae79687d4bfc6f2bdb658bd2777216496b885cf0a5c55', + 'sourceRecordsHash': '2abcc008916770d352204eac5fc609d895ea91f86a45a43a4e1ba87f7cba35c7', + 'evidenceId': 'evidence-2abcc008916770d352204eac', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'secretariaNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.secretaria.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'secretaria', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'ddbb95c1dc48fc4fcd7149666e26de6b2491e786c5986473180d1df5613269f7', + 'sourceRecordsHash': 'b6cb709468d0817ba96deeef72970ea5d5ee9cc5a67b6b4c92d9f3d81d45098b', + 'evidenceId': 'evidence-b6cb709468d0817ba96deeef', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'secretariaNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.secretaria.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'secretaria', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '8b6ef16e9d2d68544d0577fd226c7a87195820269b652ecf2c13575bf843b998', + 'sourceRecordsHash': '96a3587a6ca73476a86db1d2141aab3d611daf9511c9275aa05fb619a464c3ec', + 'evidenceId': 'evidence-96a3587a6ca73476a86db1d2', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'secretariaNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.secretaria.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'secretaria', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '00783576aad9bf206195c5e8647bff27029f51bb479b4838eb3c1545d6089d5d', + 'sourceRecordsHash': '3a3cda0857ff19864a36f8cfda41400169a53e448d8482b653aa3be6b0fbebb1', + 'evidenceId': 'evidence-3a3cda0857ff19864a36f8cf', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'secretariaNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.secretaria.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'secretaria', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e565174f5ed445107e0d18daf414efd8743c144940764beefe855a0f488b2371', + 'sourceRecordsHash': '8899a0db1d0e4d5e7e791716d573aea76ac270a04139eaf0f32a463f09ae2ea2', + 'evidenceId': 'evidence-8899a0db1d0e4d5e7e791716', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'secretariaNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/secretaria exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/secretaria', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.suporte.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'suporte', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'aca4e83d3bb25e746d90187213fae4581a98fad8b1494aa22d14a83c7580da06', + 'sourceRecordsHash': 'e34a5a50f2ebe419171cb8ba83c7e2764997ec599bcf6ad8a264423cd2b92cf0', + 'evidenceId': 'evidence-e34a5a50f2ebe419171cb8ba', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'suporteNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.suporte.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'suporte', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f16a2e71b3b1005480a9b45def4686b621103419bc602aad784a45518cf10890', + 'sourceRecordsHash': '93b6912f4f24a92f7eb4d27d168a92320cc9114fb89584ef5ac14e8efcfacafb', + 'evidenceId': 'evidence-93b6912f4f24a92f7eb4d27d', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'suporteNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.suporte.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'suporte', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'a02744b522d99f03a55d21294a3f37094bca8bd9694c0a58445072ccdd7e313d', + 'sourceRecordsHash': '2ed376cb48c0c125748bda5206c7512dbf63bb57812dd53bd871da1368709e10', + 'evidenceId': 'evidence-2ed376cb48c0c125748bda52', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'suporteNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.suporte.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'suporte', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '15f13f6879b30479b617e20c8c02263961ee1846bfc1357f2dfcfaecd935b46e', + 'sourceRecordsHash': 'a4e9d55924e9e3df4286a81938694b8174c4e3af06177cd6fd933af738394721', + 'evidenceId': 'evidence-a4e9d55924e9e3df4286a819', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'suporteNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.suporte.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'suporte', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'de1b1d37faff4190395512230d9f20ee8474f220ec30d1e6d7f9d6d6cba29efa', + 'sourceRecordsHash': '7c4b39205065ae95d4f163dc091a1feb188892f2405d0ac7b1136926dffc9a7f', + 'evidenceId': 'evidence-7c4b39205065ae95d4f163dc', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'suporteNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/suporte exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/suporte', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.tecnico.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'tecnico', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '6bf2c6c764b1d8fa2b11c035a916763caab7b97a1a207b4286369f7815f4d556', + 'sourceRecordsHash': 'e600134592c2f32face15f51bb8488f44c278edf4eea7bc1ca868ad7e2557aef', + 'evidenceId': 'evidence-e600134592c2f32face15f51', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'tecnicoNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.tecnico.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'tecnico', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '96838f28b0ade0e6214be68e08b9ee2db1c8058793d6277083eee4843a44f5e9', + 'sourceRecordsHash': '4068982ece0170e33eeecdb39e3aa0395df71e057ed24686228bf88701586054', + 'evidenceId': 'evidence-4068982ece0170e33eeecdb3', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'tecnicoNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.tecnico.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'tecnico', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'e372f178a3b032e2cb5876ffa7ef6efaf772efbde34318ab68e80b2c71298cbb', + 'sourceRecordsHash': '4e811ecc28f7cb09c49ea6a064e79bbfd51d00321c4a68fa9429aeb3af37b9f5', + 'evidenceId': 'evidence-4e811ecc28f7cb09c49ea6a0', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'tecnicoNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.tecnico.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'tecnico', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'f8afaf1bcb7c6e88a3112353b4f2b7819a533d1b3f2179fc7f866b39773a3cd2', + 'sourceRecordsHash': '1cc0f10c9393591218626cc67e3e48f9bc47191c9878ceb3dc61d67a498a986b', + 'evidenceId': 'evidence-1cc0f10c9393591218626cc6', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'tecnicoNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.tecnico.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'tecnico', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c89dcdb15d385fe854eb84a68275c8f470d006943de95e3478df86ca6b69538b', + 'sourceRecordsHash': '59939bb42b0dafc7b098f742f34945aa01a8410ba653e72694b9d6cad9df8f6a', + 'evidenceId': 'evidence-59939bb42b0dafc7b098f742', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'tecnicoNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/tecnico exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/tecnico', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.usuario_final.acao.administration-route', + 'platformId': 'ui', + 'profileId': 'usuario_final', + 'operation': 'acao', + 'toolId': 'mais_humana.admin.acao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.action.request', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '93ff08a013f94a9523e53e469076f41cc39852322c0618ac4c8f8548f69aadc1', + 'sourceRecordsHash': 'e03cf4676a6287cbbadcc159e332e100193d3e78074b1da2fed1eab67021155e', + 'evidenceId': 'evidence-e03cf4676a6287cbbadcc159', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'usuario_finalNeed', 'acaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'acaoRoute', 'actionFamily', 'mcp_admin_action_request'), + 'validationSteps': ('executar rota administrativa acao para ui/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa acao para ui/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'action', 'acao', 'mcp.admin.action.request'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.usuario_final.auditoria.administration-route', + 'platformId': 'ui', + 'profileId': 'usuario_final', + 'operation': 'auditoria', + 'toolId': 'mais_humana.admin.auditoria', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.audit', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '146430b9dd61355a9d637e4c18e14db15aed816d3a8955a4235ff165acc99f70', + 'sourceRecordsHash': '8e5a532f1d450e52f2a59360a670b4edaacd1f32197d9f4b6da74c74c8f64492', + 'evidenceId': 'evidence-8e5a532f1d450e52f2a59360', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'usuario_finalNeed', 'auditoriaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'auditoriaRoute', 'auditFamily', 'mcp_admin_audit'), + 'validationSteps': ('executar rota administrativa auditoria para ui/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa auditoria para ui/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'audit', 'auditoria', 'mcp.admin.audit'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.usuario_final.consulta.administration-route', + 'platformId': 'ui', + 'profileId': 'usuario_final', + 'operation': 'consulta', + 'toolId': 'mais_humana.admin.consulta', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.readonly', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '54a3d145eb21b8964a120184850dc9cb2252173471171ad65e7db3725d645c3f', + 'sourceRecordsHash': '87defa2280db2d47d40728a1eb07c3c3bc25858ca3b0251763983fe96dff1db2', + 'evidenceId': 'evidence-87defa2280db2d47d40728a1', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'usuario_finalNeed', 'consultaState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'consultaRoute', 'queryFamily', 'mcp_admin_readonly'), + 'validationSteps': ('executar rota administrativa consulta para ui/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa consulta para ui/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'query', 'consulta', 'mcp.admin.readonly'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.usuario_final.diagnostico.administration-route', + 'platformId': 'ui', + 'profileId': 'usuario_final', + 'operation': 'diagnostico', + 'toolId': 'mais_humana.admin.diagnostico', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.diagnostic', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': '7c85a7b07b1f7f0025791d1dae8b06646957d05ca3bdd1ba63945dbbade35584', + 'sourceRecordsHash': 'ef8a5214b6a30fae2dd219eb888676641b78890589d95142707d811266b852f4', + 'evidenceId': 'evidence-ef8a5214b6a30fae2dd219eb', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'usuario_finalNeed', 'diagnosticoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'diagnosticoRoute', 'diagnosticFamily', 'mcp_admin_diagnostic'), + 'validationSteps': ('executar rota administrativa diagnostico para ui/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa diagnostico para ui/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'diagnostic', 'diagnostico', 'mcp.admin.diagnostic'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, + { + 'routeId': 'ui.usuario_final.explicacao.administration-route', + 'platformId': 'ui', + 'profileId': 'usuario_final', + 'operation': 'explicacao', + 'toolId': 'mais_humana.admin.explicacao', + 'sourceToolId': 'mais_humana.mcp_transit.ledger', + 'permissionScope': 'mcp.admin.explain', + 'sourceEndpoint': 'https://mcps-gateway.ami-app.workers.dev/v1/execute', + 'sourcePayloadHash': 'c79d14d7b20fcda4582c9c722cb07bc6839e7604cc07ac1a62869a2b3204e314', + 'sourceRecordsHash': '8b25f4dc32339b235d9c5c805dc8eb08cbe3f4bfe45a0ff991274879da29e12f', + 'evidenceId': 'evidence-8b25f4dc32339b235d9c5c80', + 'truthState': 'same_source_ready', + 'panelReady': True, + 'gptExplainable': True, + 'sameSource': True, + 'approvalRequired': True, + 'dryRunSupported': True, + 'requiredTransitFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp'), + 'requiredPayloadFields': ('origin', 'destination', 'tool', 'payload', 'actor', 'permission', 'result', 'traceId', 'auditId', 'timestamp', 'projectId', 'platformId', 'profileId', 'surfaceId', 'category', 'sourceEndpoint', 'sourceToolId', 'sourcePayloadHash', 'sourceRecordsHash', 'truthState', 'panelReady', 'gptExplainable', 'humanNextAction', 'uiStatus', 'usuario_finalNeed', 'explicacaoState', 'experienceGate', 'adminRouteId', 'adminRouteKind', 'controlPlaneId', 'ownerPlatformId', 'targetPlatformId', 'routeFamily', 'permissionScope', 'executionMode', 'capabilityId', 'capabilityVersion', 'policyDecision', 'policyReason', 'inputSchemaHash', 'outputSchemaHash', 'operatorIntent', 'approvalRequired', 'dryRunSupported', 'rollbackSupported', 'humanExplanation', 'auditRetentionPolicy', 'mcpOnlyAdministration', 'directPlatformBypassBlocked', 'explicacaoRoute', 'explanationFamily', 'mcp_admin_explain'), + 'validationSteps': ('executar rota administrativa explicacao para ui/usuario_final exclusivamente pelo MCPs Internos', 'confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp', 'validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma', 'registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash', 'confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato', 'gerar humanExplanation para auditoria da IA administradora'), + 'redactionRequirements': ('bloquear valores cfat_ brutos em qualquer artefato humano', 'permitir apenas credentialRef, tokenRef ou secretRef opacos', 'mascarar Authorization Bearer antes de persistir evidencia', 'registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto', 'vincular redaction ao provider ui via MCP', 'bloquear administracao direta fora do MCPs Internos', 'persistir apenas hashes e referencias opacas de credencial'), + 'pendingIfMissing': 'homologar rota administrativa explicacao para ui/usuario_final', + 'orderIds': ('0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo', '0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release', '0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional'), + 'policyTags': ('administration_route', 'mcp_only', 'explanation', 'explicacao', 'mcp.admin.explain'), + 'maturityLevel': 9, + 'status': 'ready', + 'blockerReasons': (), + }, +) diff --git a/tests/test_central_materialization.py b/tests/test_central_materialization.py new file mode 100644 index 0000000..446ac89 --- /dev/null +++ b/tests/test_central_materialization.py @@ -0,0 +1,59 @@ +from __future__ import annotations + +import json +import unittest + +from mais_humana.central_materialization import ( + MaterializationStatus, + active_input_order_specs, + active_managerial_order_specs, + next_output_order_specs, + run_central_materialization, +) +from mais_humana.cli import main +from mais_humana.storage import table_counts +from tests.helpers import make_tmp + + +class CentralMaterializationTests(unittest.TestCase): + def test_specs_cover_active_and_next_output_cycles(self) -> None: + active = active_input_order_specs() + managerial = active_managerial_order_specs() + output = next_output_order_specs() + self.assertEqual(len(active), 5) + self.assertEqual(len(managerial), 5) + self.assertEqual(len([item for item in output if item.order_type.value == "executiva"]), 5) + self.assertEqual(len([item for item in output if item.order_type.value == "gerencial"]), 5) + self.assertEqual(active[0].order_id, "0037_EXECUTIVA__homologar-rotas-administrativas-mcp-no-gateway") + self.assertEqual(managerial[-1].order_id, "0053_GERENCIAL__pactuar-docs-catalogonly-ou-response-ready-como-excecao-global") + + def test_run_materialization_creates_orders_reports_indexes_and_sql(self) -> None: + root = make_tmp() + project = root / "project" + central = root / "central" / "projects" / "15_repo_tudo-para-ia-mais-humana-platform" + report = run_central_materialization(project_root=project, central_platform_folder=central) + self.assertIn(report.status, {MaterializationStatus.CREATED, MaterializationStatus.EXISTS}) + self.assertTrue((central / "orders" / "executivas" / "0037_EXECUTIVA__homologar-rotas-administrativas-mcp-no-gateway.md").exists()) + self.assertTrue((central / "orders" / "gerenciais" / "0058_GERENCIAL__fechar-decisao-docs-response-ready-ou-catalogonly-formal.md").exists()) + self.assertTrue((central / "reports" / "EXECUTADO__rodada-015-central-materialization-2026-05-02.md").exists()) + self.assertTrue((central / "indexes" / "orders-index.md").exists()) + self.assertTrue((central / "current" / "active-order-queue.md").exists()) + self.assertTrue((central / "status" / "overview.md").exists()) + counts = table_counts(central / "controle-semantico.sqlite") + self.assertGreaterEqual(counts.get("service_orders", 0), 20) + self.assertGreaterEqual(counts.get("files", 0), 20) + + def test_cli_materialization_writes_payload(self) -> None: + root = make_tmp() + project = root / "project" + central = root / "central" / "platform" + code = main(["central-materialization", "--project-root", str(project), "--central-platform-folder", str(central)]) + self.assertEqual(code, 0) + payload = json.loads((central / "dados" / "central-materialization-report.json").read_text(encoding="utf-8")) + self.assertEqual(payload["project_id"], "tudo-para-ia-mais-humana") + self.assertEqual(len(payload["active_input_orders"]), 10) + self.assertEqual(len(payload["next_output_orders"]), 10) + + +if __name__ == "__main__": + unittest.main() diff --git a/tests/test_mcp_admin_route_acceptance.py b/tests/test_mcp_admin_route_acceptance.py new file mode 100644 index 0000000..caeb129 --- /dev/null +++ b/tests/test_mcp_admin_route_acceptance.py @@ -0,0 +1,74 @@ +from __future__ import annotations + +import json +import unittest + +from mais_humana.cli import main +from mais_humana.mcp_admin_route_acceptance import ( + AdminRouteAcceptanceStatus, + acceptance_csv, + acceptance_markdown, + build_admin_route_acceptance_report, + compact_acceptance_payload, + iter_admin_route_acceptance_cases, + run_admin_route_acceptance, + summarize_admin_route_acceptance, +) +from tests.helpers import make_tmp + + +class McpAdminRouteAcceptanceTests(unittest.TestCase): + def test_generated_catalog_has_expected_operations_and_volume(self) -> None: + cases = iter_admin_route_acceptance_cases() + self.assertGreaterEqual(len(cases), 900) + operations = {case.operation for case in cases} + self.assertTrue({"consulta", "diagnostico", "acao", "auditoria", "explicacao"}.issubset(operations)) + self.assertTrue(all(case.source_payload_hash for case in cases[:20])) + self.assertTrue(all(case.source_records_hash for case in cases[:20])) + + def test_summary_reports_real_readiness_and_blockers(self) -> None: + summary = summarize_admin_route_acceptance() + self.assertGreaterEqual(summary.total_cases, 900) + self.assertEqual(summary.status, AdminRouteAcceptanceStatus.BLOCKED) + self.assertGreaterEqual(summary.ready_cases, 500) + self.assertGreater(summary.partial_cases, 0) + self.assertGreater(summary.blocked_cases, 0) + self.assertGreater(summary.ready_ratio, 0.5) + self.assertIn("consulta", summary.operations) + + def test_filtered_report_and_renderers_are_compact(self) -> None: + report = build_admin_route_acceptance_report(platform_id="business", operation="consulta", limit=5) + self.assertEqual(report.status, AdminRouteAcceptanceStatus.READY) + self.assertLessEqual(len(report.returned_cases), 5) + payload = compact_acceptance_payload(report) + self.assertEqual(payload["status"], "ready") + self.assertEqual(payload["returnedCases"], len(report.returned_cases)) + self.assertIn("route_id,platform_id,profile_id", acceptance_csv(report)) + self.assertIn("MCP Admin Route Acceptance", acceptance_markdown(report)) + + def test_run_acceptance_writes_project_and_central_artifacts(self) -> None: + root = make_tmp() + project = root / "tudo-para-ia-mais-humana" + central = root / "central" / "15_repo_tudo-para-ia-mais-humana-platform" + report, records = run_admin_route_acceptance(project_root=project, central_platform_folder=central, limit=8) + self.assertEqual(report.status, AdminRouteAcceptanceStatus.BLOCKED) + self.assertTrue((project / "dados" / "mcp-admin-route-acceptance.json").exists()) + self.assertTrue((project / "dados" / "mcp-admin-route-acceptance-compacto.json").exists()) + self.assertTrue((project / "matrizes" / "mcp-admin-route-acceptance.csv").exists()) + self.assertTrue((project / "ecossistema" / "MCP-ADMIN-ROUTE-ACCEPTANCE.md").exists()) + self.assertTrue((central / "reports" / "EXECUTADO__mcp-admin-route-acceptance.md").exists()) + self.assertTrue((central / "indexes" / "mcp-admin-route-acceptance-index.md").exists()) + self.assertGreaterEqual(len(records), 6) + + def test_cli_acceptance_writes_json_payload(self) -> None: + root = make_tmp() + project = root / "project" + code = main(["mcp-admin-route-acceptance", "--project-root", str(project), "--limit", "3"]) + self.assertEqual(code, 0) + payload = json.loads((project / "dados" / "mcp-admin-route-acceptance.json").read_text(encoding="utf-8")) + self.assertEqual(payload["status"], "blocked") + self.assertEqual(len(payload["returned_cases"]), 3) + + +if __name__ == "__main__": + unittest.main()