{ "filters": { "operation": "", "platformId": "", "profileId": "", "status": "" }, "generated_at": "2026-05-02T10:23:15+00:00", "generated_files": [], "report_id": "mcp-admin-route-acceptance-9841af72a6e6588d", "returned_cases": [ { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-ad52ab3aec8c146ff3726b2d", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/administrador_empresa", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "administrador_empresaNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.administrador_empresa.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "d082c395fdaf1f2b7f4477634fefea03d68c34daa50caffe9869d4f764ede499", "source_records_hash": "ad52ab3aec8c146ff3726b2d3906e7a5c070939751f6dc09bd22113e142f679b", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-10ecf5e6942e1370acc44c11", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/administrador_empresa", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "administrador_empresaNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.administrador_empresa.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "f1d17c2b19d9d7bb48a99f9391cb7ac5b8acaa85685f52cb4942630f38f6d32b", "source_records_hash": "10ecf5e6942e1370acc44c11aa79e655a5d324ea8e445a1a233fee9f676802e5", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-587d659a4c282c7715078021", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/administrador_empresa", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "administrador_empresaNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.administrador_empresa.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "505b2b794fc430bbc76e80c11cb59f484d6c44f2f1331a74edaef872d15d4e38", "source_records_hash": "587d659a4c282c7715078021a91d62105284097dade620bc969161477b89401b", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-c7ded42ea265be003bb113b6", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/administrador_empresa", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "administrador_empresaNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.administrador_empresa.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "3e6d2ec5d40f72aa001a6da61d26cdb3db6112a01dd2d4a567c6abce7f56fbdd", "source_records_hash": "c7ded42ea265be003bb113b601771a1eb6f5fce906f2fe52923762812891a238", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-63d6d7de2ac68232ac3c862c", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/administrador_empresa", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "administrador_empresaNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.administrador_empresa.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "051170ee6954b9e724eaae7fef4cb0bb8ed88d39c33dbfacc384c58ea0ff1f9a", "source_records_hash": "63d6d7de2ac68232ac3c862ce9684c9d5ef7e2441f4f4b16ff2404ca344fa0cd", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-7c7be84ac6782615dfeb38d9", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/atendimento_cliente", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "atendimento_clienteNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.atendimento_cliente.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "1299a53220e003a76a84268297f5a7228d02dce16a07ae3d39a77d0ffc89f1d6", "source_records_hash": "7c7be84ac6782615dfeb38d9e02b86f0ad0deaf2363267c1194d21093dbed20f", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-4e8c564a2d995bc53735548e", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/atendimento_cliente", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "atendimento_clienteNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.atendimento_cliente.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "57beddad77228c21b6036b410547ade91a1057e7e891838a95863368941bf50a", "source_records_hash": "4e8c564a2d995bc53735548efabfe94d75a5b51ba45c1ea1e13a44858fe03bf3", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-7edecd401588f6ec8c809e03", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/atendimento_cliente", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "atendimento_clienteNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.atendimento_cliente.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "fc9ad6aadbd39a5aa8fb4444e49779f54202462e0d9b7c86e36edaf39383640d", "source_records_hash": "7edecd401588f6ec8c809e03321d2da8922c5453f10737c591d1ab93b90ef7a8", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-0d6b7f9fd95b804d2c99c89d", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/atendimento_cliente", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "atendimento_clienteNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.atendimento_cliente.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "c6a4c1161a4ab3ddf0cdab419e336e869d4c3f598724e9fa6075c11563daee32", "source_records_hash": "0d6b7f9fd95b804d2c99c89daf94687c8399c57f9da494fd711d39269d68c5a9", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-8efd2d3db8c8e36d1737e931", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/atendimento_cliente", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "atendimento_clienteNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.atendimento_cliente.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0bdee52d0d0fa434a2bd5c0cbd79521b962f3b1eaff978b92fa727107b6a108e", "source_records_hash": "8efd2d3db8c8e36d1737e9314fec019577b0745cfb233c570d63e2858eb2e70f", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-8663f918eaf543ba853f6b17", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/ceo", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "ceoNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.ceo.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "bd976d4fd2ff57008416461108920c388cea94b1fad993e1176a20097d00d59c", "source_records_hash": "8663f918eaf543ba853f6b17f0e5f53f7f0873de4cdc3d32a18f6734fd71aa11", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-8626f5e4b0fab4f7034f59d5", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/ceo", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "ceoNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.ceo.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0a7868bfb78b8f713f91492f7a35e282ad970ac87fab3f974b30559fa7920826", "source_records_hash": "8626f5e4b0fab4f7034f59d586be22c3cb631c08f361f9083eb72c423f7ba05f", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-a1b5c73faabc9adb8acba4f6", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/ceo", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "ceoNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.ceo.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "e4076ddc0cd4f5445f4a832bdb9b77833fe512f036470298afa797fba9a0fb04", "source_records_hash": "a1b5c73faabc9adb8acba4f6a561d519eefe768a025223d7417f0a537819d53f", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-97bf7c4fef545240d91a0d67", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/ceo", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "ceoNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.ceo.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "3801b57510c00a1fce40adfc5b8aba77782931a56baae50f84ff3e95dc28ef10", "source_records_hash": "97bf7c4fef545240d91a0d6794c9ca8989fce742216f4e8daa7f2394ae451a6a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-4910d766c7e8e6539ed20de3", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/ceo", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "ceoNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.ceo.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "677e2c9b2e1073a561244cb1452b056cb0c27aef03fc92b54e7efc4033de969e", "source_records_hash": "4910d766c7e8e6539ed20de3ccc4d8fb629d43766d5a8873ae5926ea9840e161", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-99b8fc9b9bb54a227950015d", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/cliente_externo", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "cliente_externo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "cliente_externoNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.cliente_externo.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "58d8e5ba1a5694d277ef196e48bc5bee57278b98eba53ee04a5fe88034705039", "source_records_hash": "99b8fc9b9bb54a227950015d1c8ad52f9be0a93270a1029f2584c3c013dc9fac", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/cliente_externo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-432a6b6a41e60ad56931f6d8", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/cliente_externo", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "cliente_externo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "cliente_externoNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.cliente_externo.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "5b93e10b9bf98b0bd18a6478cf62fd3b812bca7176a6b46ab1a07fa546c3e15f", "source_records_hash": "432a6b6a41e60ad56931f6d8e9fb78cd128d8a92807d6a13b4f2385fbc69a1f8", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/cliente_externo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-dfbddc7a711dcfb103a8f023", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/cliente_externo", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "cliente_externo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "cliente_externoNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.cliente_externo.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "4a9fb634f6a22c6a0244b1af53e9073d3d0e16de68085e0856cca49d84535f30", "source_records_hash": "dfbddc7a711dcfb103a8f023f9bb71bbde77529691b40420f2a60ac6a79e6daf", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/cliente_externo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-4ed9ff47ee3fd85464663f24", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/cliente_externo", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "cliente_externo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "cliente_externoNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.cliente_externo.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "4cc11e419ea2d351bf24969c0069e96e5148bd9cb3d3a7c22402a1fa96bc51a3", "source_records_hash": "4ed9ff47ee3fd85464663f242a336dbf1bcc161e8bffd89146216ec6b905165a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/cliente_externo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-ed3386af31a57e0f1e8a85e1", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/cliente_externo", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "cliente_externo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "cliente_externoNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.cliente_externo.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "604dc75b46fbffb86e5dc75e35f1568765d4df639d8d2fe40c9ced7d260b81a9", "source_records_hash": "ed3386af31a57e0f1e8a85e10e3050fe5a841734ca81d6de175576488f3130bf", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/cliente_externo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-3952a88a55a389ba02c94786", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/contador", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "contador", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "contadorNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.contador.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "697740da52ce2b2d2099c814cd0ee8327d2ee05c2efe4fe533c5989f8d42336c", "source_records_hash": "3952a88a55a389ba02c94786f29715a10558b2abe2b7b0895a9da9b4147e9dc3", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/contador exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-6551171148e282da243a88c9", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/contador", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "contador", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "contadorNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.contador.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "b181759443f41b750ca3fd10486d6cbf6fca84e03be9065784bd0faa77a477f7", "source_records_hash": "6551171148e282da243a88c951c4f1d66078ecb2300e1c8bb352d428f593e833", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/contador exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-4854f96ae070f53c5b63c43b", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/contador", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "contador", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "contadorNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.contador.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "c677323d17cd37326c2234178b1f388211236ef398db2923a405642528fa5081", "source_records_hash": "4854f96ae070f53c5b63c43b7f39746cb76122fb668238776e4ac1aa97f06f90", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/contador exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-2cc3eeed20f5d3fc9be99343", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/contador", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "contador", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "contadorNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.contador.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "ab52203f77d128852c2737c5ba76cd6a7cf198037c138087de58be0707d87158", "source_records_hash": "2cc3eeed20f5d3fc9be99343572adb4b81ef9398cc390649a63fb87d1ea38e50", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/contador exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-748749eeb561e01ef20005bb", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/contador", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "contador", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "contadorNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.contador.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "d2de3b3c80a999b0c23b9f9363bdbd4bce3eae2021f6277fbb589ebe46f07ae7", "source_records_hash": "748749eeb561e01ef20005bbb8f5dddb0401bfd169b38d0fcd8cd79f1cbd1481", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/contador exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-e51c9666ddd06faef25356ba", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/financeiro", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "financeiro", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "financeiroNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.financeiro.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "9ded2208c5b89a90b5f852c853c4dfe050dc94b2ced5acdeb2575421f6542338", "source_records_hash": "e51c9666ddd06faef25356baa2a8c4ed1e5ac463ec8477b08ccc55095d49e691", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/financeiro exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-ccfd442014b522c5856ea9a8", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/financeiro", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "financeiro", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "financeiroNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.financeiro.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "c1f723dba88341dd49d5cf1407b40a229a1b816c2934d28e13420e6947822883", "source_records_hash": "ccfd442014b522c5856ea9a89e654639a4e3f68767557971a4c1c76f4906fe38", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/financeiro exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-149d50ebaae9e2bae7355a28", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/financeiro", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "financeiro", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "financeiroNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.financeiro.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "6b22bc7ac53a244090bbebe81dde295aa190863ea735111fa1ad3d7c326baa69", "source_records_hash": "149d50ebaae9e2bae7355a2829485bc4fa962870a219ff89815c21a86da9ab16", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/financeiro exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-694117dd77a32806ecc05dce", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/financeiro", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "financeiro", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "financeiroNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.financeiro.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "d83fc6883a3ace99ce943643c36d71f3d85da960334b5c938f703c961165c78c", "source_records_hash": "694117dd77a32806ecc05dce5960efba850636030431335b560ad00c0f571505", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/financeiro exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-fbd8f174adb84d168c76abc2", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/financeiro", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "financeiro", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "financeiroNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.financeiro.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "273dca5b760363ef6e697dc9e2dd31151d2c51680b8abba03e2bdbe6d3031c02", "source_records_hash": "fbd8f174adb84d168c76abc2de111d9c0acebbce815f045c7127d0d5da344f7d", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/financeiro exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-8343bb447358e74b5ecfa543", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/gestor_operacional", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "gestor_operacional", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "gestor_operacionalNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.gestor_operacional.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "3f31ac2d41d4dfdba7ee36d2c6f58ec8b9e19b9486ca775f23b46ad23df4d508", "source_records_hash": "8343bb447358e74b5ecfa5432e66829be95bfd896fc9eb54697f4be647723207", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/gestor_operacional exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-b3a23a04fbfaeefa95b09e65", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/gestor_operacional", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "gestor_operacional", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "gestor_operacionalNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.gestor_operacional.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "47df57dd789b154361b86a88253d2f48e8c72875f460a09562463693c82ebd7d", "source_records_hash": "b3a23a04fbfaeefa95b09e65e5b43b79a3314d81223a68b6e2b138c12201d97b", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/gestor_operacional exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-9869f60d582b7641ac3b4dd9", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/gestor_operacional", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "gestor_operacional", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "gestor_operacionalNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.gestor_operacional.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "f5e9f4aa859f9dcb462a6abb0a0adce18f592f6ad500f5526e25337e98c0cc10", "source_records_hash": "9869f60d582b7641ac3b4dd99a3d438eadfaa980d381ab9e55f9046c85b88756", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/gestor_operacional exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-7be9f47cb88e75fb8f69233f", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/gestor_operacional", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "gestor_operacional", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "gestor_operacionalNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.gestor_operacional.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0457ff11d12150c4f235959ea067d88a3e464f0b987734c80f62eb967cebb1e3", "source_records_hash": "7be9f47cb88e75fb8f69233fbedc23c50f7dd7215b0d223d1dff44488f2be535", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/gestor_operacional exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-abde2bf9dad152aadfdffc7e", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/gestor_operacional", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "gestor_operacional", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "gestor_operacionalNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.gestor_operacional.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0a62ee4f4b2aefab5a41b7e6030af8ea8f65eb7982cc216b121a91116b252a21", "source_records_hash": "abde2bf9dad152aadfdffc7e80d91af8fe9c2b7385e5c4f49373e91985922d35", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/gestor_operacional exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-8be1ae4a33a9739b2c85887d", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/juridico", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "juridico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "juridicoNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.juridico.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "634014b193236b09e334ddf0f444aa602ee0ae343db39b20a1135ae7cf826d3f", "source_records_hash": "8be1ae4a33a9739b2c85887d7069cf90117cac8f23d290395145bf075e8cb24b", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/juridico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-a72cb70547a448771ad3ee97", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/juridico", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "juridico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "juridicoNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.juridico.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "40850bcebd6cad4bab4f99415f55558489619aa981b16efa8d875aa8faa886ba", "source_records_hash": "a72cb70547a448771ad3ee9769f9861eb92cd0b9e55fae2faf5888876cd23d33", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/juridico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-cd4d3d5472947cbbf54e313e", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/juridico", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "juridico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "juridicoNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.juridico.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "22a48bf8a21a63667dd7fc744ff0f9bf42db069fdd6a6992a92c9d21fbb8a5cf", "source_records_hash": "cd4d3d5472947cbbf54e313ee3c8f99c9767e1528387942a479381cf39613a1e", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/juridico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-d84aa405d12bd4d3a52e0f62", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/juridico", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "juridico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "juridicoNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.juridico.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "c42d91e49a4c3407da6d3a3f591373c16854cc615ac1332403fb0e0785eaddd2", "source_records_hash": "d84aa405d12bd4d3a52e0f62426977506d8c06a41a379b4d8967ce62e1505fec", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/juridico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-1406eecf16ebedce04528310", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/juridico", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "juridico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "juridicoNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.juridico.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "5c4f8e636cfdc0e9292449069105a98ec8c1344b1fdd74ef34654aad233b6479", "source_records_hash": "1406eecf16ebedce04528310b3455deff78fa558e82d68f0fe6e56ee66505087", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/juridico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-ee7fa3972d690dad1a9f6be2", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/planejamento_estrategico", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "planejamento_estrategico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "planejamento_estrategicoNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.planejamento_estrategico.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "f7e8e4c4c31a2e20380fb12b1f766eb22d5d1e8b08a6c194d03bd63478b2cbce", "source_records_hash": "ee7fa3972d690dad1a9f6be2c04087650b3fedc69225caee29576467b700246c", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/planejamento_estrategico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-0c08c37c640031563180c4c9", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/planejamento_estrategico", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "planejamento_estrategico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "planejamento_estrategicoNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.planejamento_estrategico.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0c22db82eb615c3001b9ffee3609aece9153901ebea7bd23636c1de1e6bf10b1", "source_records_hash": "0c08c37c640031563180c4c90e9dbb2eaffab2bc4e69ec55813462fd9be2b74a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/planejamento_estrategico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-42e6ef74d938c77746cdb72c", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/planejamento_estrategico", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "planejamento_estrategico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "planejamento_estrategicoNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.planejamento_estrategico.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "9fac3e1a4657e07c1223141991db2329561d479767987e414562b4038dc0bce0", "source_records_hash": "42e6ef74d938c77746cdb72c54a5b985bc53a008eb49d33d2b3b828b52a6d52c", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/planejamento_estrategico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-a636fc25bd02c4ffb16c6962", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/planejamento_estrategico", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "planejamento_estrategico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "planejamento_estrategicoNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.planejamento_estrategico.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "f3d46d3c766433b2b08fba4d7245e64557f64c2a8ce9d71686a33b168b742ac7", "source_records_hash": "a636fc25bd02c4ffb16c6962b10db9aa8e1219e3ce9e0fbc2e887132e581d994", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/planejamento_estrategico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-390f4acf1816ed6b560751a4", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/planejamento_estrategico", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "planejamento_estrategico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "planejamento_estrategicoNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.planejamento_estrategico.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "50547d17b2d54668f7b25efde5a71ee7bbdc3e2c7c33710dad5942d558d3ece7", "source_records_hash": "390f4acf1816ed6b560751a4d2a991b8d8aa09205711197418e2d1ed8f097c19", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/planejamento_estrategico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-9e23c6cdbe89617a2dde08e0", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/secretaria", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "secretaria", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "secretariaNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.secretaria.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "766fc9009d91e93cc458b18215273f9c453def3152c4a9db70a8f8ddda8b1059", "source_records_hash": "9e23c6cdbe89617a2dde08e0d6af6e98487c73a8cadd5f5360eadfd40f55d7c2", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/secretaria exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-45083e2a5123c61a5547e5c9", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/secretaria", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "secretaria", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "secretariaNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.secretaria.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "89d81c59e668aa4387e029625ad43defd3dfac9ab0e2aacd9c737a24e07415c5", "source_records_hash": "45083e2a5123c61a5547e5c94c0a9d3878bbf79411db564a040ec747624df9f9", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/secretaria exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-5621cbe62605d3c619f2f2b3", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/secretaria", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "secretaria", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "secretariaNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.secretaria.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "44de917b6700e25c5f9b43c99622d0c99e0b84ec99a2f7099039f90b1be11652", "source_records_hash": "5621cbe62605d3c619f2f2b33c22331088e601df155f71c5f34263b90be6aa38", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/secretaria exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-e8987454edc7c9c674750669", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/secretaria", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "secretaria", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "secretariaNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.secretaria.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "d21a33cd8abfe2a18799a8fb4b359fd62e11cc37e7fa6c85c7289b754a03155c", "source_records_hash": "e8987454edc7c9c67475066980f85901a8c8ff75fb949eca396b6277fded2de2", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/secretaria exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-6f5bef2eb928bbad1f1065c0", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/secretaria", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "secretaria", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "secretariaNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.secretaria.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "2f5e03b13e7fe4ccf6661e8155f94be741ab64a340c430fdbe2a6ca5e47dc6a3", "source_records_hash": "6f5bef2eb928bbad1f1065c0f27afca4d35a1cfb740838db9f99829f08d276c4", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/secretaria exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-029f16f1af46ae6578c54d12", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/suporte", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "suporte", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "suporteNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.suporte.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "6d9c7569c3da3af47c2c2fda8773dd513a89bc59da97fd8dd2f5e26eadb02588", "source_records_hash": "029f16f1af46ae6578c54d12ce061b7aae60e225c27592ab797f3b5766e733aa", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/suporte exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-237e8bbe3e47bbb682b5ea44", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/suporte", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "suporte", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "suporteNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.suporte.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "478bc822ed17caf9ef0671500548b286cea7f2634395af307fec427e614b3238", "source_records_hash": "237e8bbe3e47bbb682b5ea4489ee557ebb9e9aa73d110ebb0ca9a3110e7ac77e", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/suporte exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-c66881c2529beb1c3187927b", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/suporte", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "suporte", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "suporteNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.suporte.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "238823299ae492c5d8cb41b191d0d411fa55372d9de17ec7a42289e9026dafaa", "source_records_hash": "c66881c2529beb1c3187927b804d0134d952ea899a77a869096f4dcabeceb61e", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/suporte exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-a00b226d05e4c8d75f5d85f3", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/suporte", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "suporte", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "suporteNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.suporte.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "6e28c54505db5e693e497f2249733c3cf9b284501f1a89b8f1a55755a57678bc", "source_records_hash": "a00b226d05e4c8d75f5d85f3088e952b5dea00881377106be1e8f31ff7c38e17", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/suporte exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-d79ebee53e8c208df54686a9", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/suporte", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "suporte", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "suporteNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.suporte.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "0273e099dd149aae8764512482be06acd6d39a533f47e2de10f8eda0c2c9aec3", "source_records_hash": "d79ebee53e8c208df54686a99ca73e197368a3608e75f2f8262b44cd8698be5a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/suporte exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-883daaaa95091e12b865b607", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/tecnico", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "tecnico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "tecnicoNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.tecnico.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "ee8f8441cb4ec10f744f1ff7c706bfc1339a26d542f434c3b69f3ac7bda783ed", "source_records_hash": "883daaaa95091e12b865b607fc0a3eaa089b8ac99b15a23ed550be78930f2c90", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/tecnico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-674a5a24f73ed1dfd48eae49", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/tecnico", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "tecnico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "tecnicoNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.tecnico.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "97251a36202e64d62be66b3c7273bb7145cdc18d7b87d5bb71433617404e0a4e", "source_records_hash": "674a5a24f73ed1dfd48eae4909ea2497ca20cdd275dc5af73a0d7388f64f90a6", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/tecnico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-432c72168bf314152e9bdf8e", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/tecnico", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "tecnico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "tecnicoNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.tecnico.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "868391193e158cecf2b60dd5103eec767673cfe482bec3b17b0775dd29141467", "source_records_hash": "432c72168bf314152e9bdf8e6ac71c2ed29ec44e51c8f5e8dc7ed984fdd5fc77", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/tecnico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-faeee54c17c05c63d6eb6b88", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/tecnico", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "tecnico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "tecnicoNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.tecnico.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "512fc59c88fa6975e5a7ae98705fa5cd6364fd0cd99359e86c846d1626cc42a8", "source_records_hash": "faeee54c17c05c63d6eb6b88ceddd7ebcc6459e77ffc8fd04eab19a8db128dcf", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/tecnico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-07fba005b74fd872345c580b", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/tecnico", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "tecnico", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "tecnicoNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.tecnico.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "4658c8c10ffb48bb3294ee67cf2bc1e4a5f901f09bd961e5037cc45080ea39e8", "source_records_hash": "07fba005b74fd872345c580bc431147c6e5a9d9ed9674e4e4a388251bc83b760", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/tecnico exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-c6e6037125061adc5ed6736e", "gpt_explainable": true, "maturity_level": 9, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para business/usuario_final", "permission_scope": "mcp.admin.action.request", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "usuario_final", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "usuario_finalNeed", "acaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.usuario_final.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "6b3eb8aa4f54b00bd211376405143db02a567d35927e898e4d5267bc7303e97b", "source_records_hash": "c6e6037125061adc5ed6736eec4f2cedce977ad005f6cb4d254159641b9c5767", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa acao para business/usuario_final exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-7a9c2f9fd20b59812fbf675f", "gpt_explainable": true, "maturity_level": 9, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para business/usuario_final", "permission_scope": "mcp.admin.audit", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "usuario_final", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "usuario_finalNeed", "auditoriaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.usuario_final.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "5b1b11c3d6ad27a010d235c5cfa01558a3a5d0f71a2cdbeea8f2065d2b3b255d", "source_records_hash": "7a9c2f9fd20b59812fbf675f1e2de204432632df64aacb6b1d03f4d14d734be9", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa auditoria para business/usuario_final exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-6a25903178ca93b54c7673bf", "gpt_explainable": true, "maturity_level": 9, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para business/usuario_final", "permission_scope": "mcp.admin.readonly", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "usuario_final", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "usuario_finalNeed", "consultaState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.usuario_final.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "a5025d532a44da0e6d9e4da6c636e7f9cc27883ce44f800576d35958323eeac7", "source_records_hash": "6a25903178ca93b54c7673bf1bc802abc154eeae371b1e75f9611e0f6e7f8d9a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa consulta para business/usuario_final exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-552723b48fd546501370a743", "gpt_explainable": true, "maturity_level": 9, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para business/usuario_final", "permission_scope": "mcp.admin.diagnostic", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "usuario_final", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "usuario_finalNeed", "diagnosticoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.usuario_final.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "fe6610d90f27ef04d5ba4ba59e2bf0778b9ee5cca76fb2f4b277d1c1cd6af09d", "source_records_hash": "552723b48fd546501370a7435c30435deb90a951f584344a809188106fe44492", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa diagnostico para business/usuario_final exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-372fc021da7ae4a961bca34c", "gpt_explainable": true, "maturity_level": 9, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para business/usuario_final", "permission_scope": "mcp.admin.explain", "platform_id": "business", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "usuario_final", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider business via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "businessStatus", "usuario_finalNeed", "explicacaoState", "commercialGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "business.usuario_final.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "ddb62b820a179439d794c7f6f29ad1924d6b54f0f94c5ced3324fff5073714db", "source_records_hash": "372fc021da7ae4a961bca34c31846443fabd45c151537d84dea4c2c2b847b8b2", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "same_source_ready", "validation_steps": [ "executar rota administrativa explicacao para business/usuario_final exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-421d97740c6c748241218cd9", "gpt_explainable": true, "maturity_level": 8, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para compliance/administrador_empresa", "permission_scope": "mcp.admin.action.request", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "administrador_empresaNeed", "acaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.administrador_empresa.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "95610758d1f1275557afe68203eb62af7beec5a731b9e7f35fbfbf8dade2612d", "source_records_hash": "421d97740c6c748241218cd946d1854bb4aa7b2db1c0ce82167776c78ec0f48a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa acao para compliance/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-da71a08a14a5361908269daa", "gpt_explainable": true, "maturity_level": 8, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para compliance/administrador_empresa", "permission_scope": "mcp.admin.audit", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "administrador_empresaNeed", "auditoriaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.administrador_empresa.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "61b73e9ecf392c5a570a4695ac647fbfb5d4a38f490a0b47cbb5f41d65d10dda", "source_records_hash": "da71a08a14a5361908269daac0c5b0781e6d401b8ad0764bfbc117a8b404f148", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa auditoria para compliance/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-5e1ee3a252953bb0ffa17332", "gpt_explainable": true, "maturity_level": 8, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para compliance/administrador_empresa", "permission_scope": "mcp.admin.readonly", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "administrador_empresaNeed", "consultaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.administrador_empresa.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "865627e7c1446a86d098408d7d8e1aceab3814807f1da1041db23201d5c09103", "source_records_hash": "5e1ee3a252953bb0ffa17332db74de07be3b7dbcc183d682bda6b8499242349a", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa consulta para compliance/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-d3d75fba0ce5ad7c088fabc2", "gpt_explainable": true, "maturity_level": 8, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para compliance/administrador_empresa", "permission_scope": "mcp.admin.diagnostic", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "administrador_empresaNeed", "diagnosticoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.administrador_empresa.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "755e05dce5a5d3a00e28a1c2e34f9454eaca42f6b7a77d851bacea24cba04d7c", "source_records_hash": "d3d75fba0ce5ad7c088fabc226f39964182c7531d84c419f376f8c03d449fd63", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa diagnostico para compliance/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-30d751c14e86489cc2b32207", "gpt_explainable": true, "maturity_level": 8, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para compliance/administrador_empresa", "permission_scope": "mcp.admin.explain", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "administrador_empresa", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "administrador_empresaNeed", "explicacaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.administrador_empresa.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "4b7866f85bdc939833d31499ddfcc0332522216e2036999564d99f4d45bda54e", "source_records_hash": "30d751c14e86489cc2b3220788ea451a7e5bd5d44b2968a284b77530bf99a38c", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa explicacao para compliance/administrador_empresa exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-a0e0d70a285e01aa52447123", "gpt_explainable": true, "maturity_level": 8, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para compliance/atendimento_cliente", "permission_scope": "mcp.admin.action.request", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "atendimento_clienteNeed", "acaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.atendimento_cliente.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "e01020978451ed2d9c5389ed2521bfe67bd0f6f7e1c4f50a2932e54047870ca9", "source_records_hash": "a0e0d70a285e01aa524471235dd54621797587cdd6811f45335a4c0caad85b28", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa acao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-e6a362f1d2d20a36edfec854", "gpt_explainable": true, "maturity_level": 8, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para compliance/atendimento_cliente", "permission_scope": "mcp.admin.audit", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "atendimento_clienteNeed", "auditoriaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.atendimento_cliente.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "36358ac5ef7513ff4824884eb281ae436c9d379d5192c38b0e0b001b69337f47", "source_records_hash": "e6a362f1d2d20a36edfec85462dc741a1330d58d3320179600074ece10b15b9d", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa auditoria para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-b55c69456db525ee2dbf1c8f", "gpt_explainable": true, "maturity_level": 8, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para compliance/atendimento_cliente", "permission_scope": "mcp.admin.readonly", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "atendimento_clienteNeed", "consultaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.atendimento_cliente.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "403d748cf5f625357043f67e56f7d8eb5d56c535b1763438f70dbacb133dbd39", "source_records_hash": "b55c69456db525ee2dbf1c8f738617099ece60d035ed917cbbe17461a16bd05b", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa consulta para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-f88ddce83206fbf947371a12", "gpt_explainable": true, "maturity_level": 8, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para compliance/atendimento_cliente", "permission_scope": "mcp.admin.diagnostic", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "atendimento_clienteNeed", "diagnosticoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.atendimento_cliente.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "ef3a0b13c78b2f010fe647a815ea1cbfb56a38b4f23b9ded36cb0efe7cf28dbe", "source_records_hash": "f88ddce83206fbf947371a12f1f7db442474cec3cd52c2f7c1ad148ef876bb31", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa diagnostico para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-6d9a659e6b5160cc17b38283", "gpt_explainable": true, "maturity_level": 8, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para compliance/atendimento_cliente", "permission_scope": "mcp.admin.explain", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "atendimento_cliente", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "atendimento_clienteNeed", "explicacaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.atendimento_cliente.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "b74a380e59e50265f62523aa27e026ece831f7d8d12d5e9303dc476d7a60fc5d", "source_records_hash": "6d9a659e6b5160cc17b38283d90864aa07dc3491b4905b0d129ed8902fa2ad00", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa explicacao para compliance/atendimento_cliente exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-6fcfe225f146ea6387759298", "gpt_explainable": true, "maturity_level": 8, "operation": "acao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa acao para compliance/ceo", "permission_scope": "mcp.admin.action.request", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "action", "acao", "mcp.admin.action.request" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "ceoNeed", "acaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "acaoRoute", "actionFamily", "mcp_admin_action_request" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.ceo.acao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "2f574faf8ded0239bcc1c8f5c67df5e37b50cea317d0fec4055ab7be9a228758", "source_records_hash": "6fcfe225f146ea6387759298774419fac809f2b35b6cdbb87f86697ffe1429b1", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.acao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa acao para compliance/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.action.request e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-2a2a08255aa813ef65a426bd", "gpt_explainable": true, "maturity_level": 8, "operation": "auditoria", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa auditoria para compliance/ceo", "permission_scope": "mcp.admin.audit", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "audit", "auditoria", "mcp.admin.audit" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "ceoNeed", "auditoriaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "auditoriaRoute", "auditFamily", "mcp_admin_audit" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.ceo.auditoria.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "fd8b68a0619ee11b00522147d0b7b8baaaf82a02387c302eec9d857507f63d57", "source_records_hash": "2a2a08255aa813ef65a426bd25e0d422f45cd938b6d5e6ce53969c2afe031ce5", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.auditoria", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa auditoria para compliance/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.audit e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-992f04a502f6ddd9daf0b97b", "gpt_explainable": true, "maturity_level": 8, "operation": "consulta", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa consulta para compliance/ceo", "permission_scope": "mcp.admin.readonly", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "query", "consulta", "mcp.admin.readonly" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "ceoNeed", "consultaState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "consultaRoute", "queryFamily", "mcp_admin_readonly" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.ceo.consulta.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "f823ab70acf3b849697d9300480d43e31e5a66908d4488e44261f02b43928110", "source_records_hash": "992f04a502f6ddd9daf0b97b9b18cde405df8db62d7b4c7ff364c32486f94a51", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.consulta", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa consulta para compliance/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.readonly e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-9738c928212fa58c6b0a53fc", "gpt_explainable": true, "maturity_level": 8, "operation": "diagnostico", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa diagnostico para compliance/ceo", "permission_scope": "mcp.admin.diagnostic", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "diagnostic", "diagnostico", "mcp.admin.diagnostic" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "ceoNeed", "diagnosticoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "diagnosticoRoute", "diagnosticFamily", "mcp_admin_diagnostic" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.ceo.diagnostico.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "b308b090526cb9a54d022358185b532def4a21f3a0609a9315db09c5eddde83d", "source_records_hash": "9738c928212fa58c6b0a53fcc42127980ffda0c1ec64c08283eba3f986fc9c6d", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.diagnostico", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa diagnostico para compliance/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.diagnostic e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] }, { "approval_required": true, "blocker_reasons": [], "dry_run_supported": true, "evidence_id": "evidence-d360c27674acf2dc72bf64f8", "gpt_explainable": true, "maturity_level": 8, "operation": "explicacao", "order_ids": [ "0029_GERENCIAL__pactuar-mcp-como-caminho-unico-administrativo", "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release", "0048_GERENCIAL__homologar-politica-acesso-gpt-mcp-como-gate-institucional" ], "panel_ready": true, "pending_if_missing": "homologar rota administrativa explicacao para compliance/ceo", "permission_scope": "mcp.admin.explain", "platform_id": "compliance", "policy_tags": [ "administration_route", "mcp_only", "explanation", "explicacao", "mcp.admin.explain" ], "profile_id": "ceo", "redaction_requirements": [ "bloquear valores cfat_ brutos em qualquer artefato humano", "permitir apenas credentialRef, tokenRef ou secretRef opacos", "mascarar Authorization Bearer antes de persistir evidencia", "registrar sourcePayloadHash e sourceRecordsHash sem payload sensivel bruto", "vincular redaction ao provider compliance via MCP", "bloquear administracao direta fora do MCPs Internos", "persistir apenas hashes e referencias opacas de credencial" ], "required_payload_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp", "projectId", "platformId", "profileId", "surfaceId", "category", "sourceEndpoint", "sourceToolId", "sourcePayloadHash", "sourceRecordsHash", "truthState", "panelReady", "gptExplainable", "humanNextAction", "complianceStatus", "ceoNeed", "explicacaoState", "legalGate", "adminRouteId", "adminRouteKind", "controlPlaneId", "ownerPlatformId", "targetPlatformId", "routeFamily", "permissionScope", "executionMode", "capabilityId", "capabilityVersion", "policyDecision", "policyReason", "inputSchemaHash", "outputSchemaHash", "operatorIntent", "approvalRequired", "dryRunSupported", "rollbackSupported", "humanExplanation", "auditRetentionPolicy", "mcpOnlyAdministration", "directPlatformBypassBlocked", "explicacaoRoute", "explanationFamily", "mcp_admin_explain" ], "required_transit_fields": [ "origin", "destination", "tool", "payload", "actor", "permission", "result", "traceId", "auditId", "timestamp" ], "route_id": "compliance.ceo.explicacao.administration-route", "same_source": true, "source_endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute", "source_payload_hash": "8d5a2f48af17495c73fbe090e748eb7420db742b1f06d014c20552685a1a9a08", "source_records_hash": "d360c27674acf2dc72bf64f8678f65de79f3c10c7ecbe733c0f2148ecf261dd9", "source_tool_id": "mais_humana.mcp_transit.ledger", "status": "ready", "tool_id": "mais_humana.admin.explicacao", "truth_state": "response_ready", "validation_steps": [ "executar rota administrativa explicacao para compliance/ceo exclusivamente pelo MCPs Internos", "confirmar origin, destination, tool, payload, actor, permission, result, traceId, auditId e timestamp", "validar permissionScope=mcp.admin.explain e bloquear bypass direto da plataforma", "registrar inputSchemaHash, outputSchemaHash, sourcePayloadHash e sourceRecordsHash", "confirmar que acao mutavel exige approvalRequired ou dryRunSupported conforme contrato", "gerar humanExplanation para auditoria da IA administradora" ] } ], "sample_limit": 80, "status": "blocked", "summary": { "blocked_cases": 65, "blockers": [ "customer_ops.administrador_empresa.acao.administration-route:maturity_below_8", "customer_ops.administrador_empresa.auditoria.administration-route:maturity_below_8", "customer_ops.administrador_empresa.consulta.administration-route:maturity_below_8", "customer_ops.administrador_empresa.diagnostico.administration-route:maturity_below_8", "customer_ops.administrador_empresa.explicacao.administration-route:maturity_below_8", "customer_ops.atendimento_cliente.acao.administration-route:maturity_below_8", "customer_ops.atendimento_cliente.auditoria.administration-route:maturity_below_8", "customer_ops.atendimento_cliente.consulta.administration-route:maturity_below_8", "customer_ops.atendimento_cliente.diagnostico.administration-route:maturity_below_8", "customer_ops.atendimento_cliente.explicacao.administration-route:maturity_below_8", "customer_ops.ceo.acao.administration-route:maturity_below_8", "customer_ops.ceo.auditoria.administration-route:maturity_below_8", "customer_ops.ceo.consulta.administration-route:maturity_below_8", "customer_ops.ceo.diagnostico.administration-route:maturity_below_8", "customer_ops.ceo.explicacao.administration-route:maturity_below_8", "customer_ops.cliente_externo.acao.administration-route:maturity_below_8", "customer_ops.cliente_externo.auditoria.administration-route:maturity_below_8", "customer_ops.cliente_externo.consulta.administration-route:maturity_below_8", "customer_ops.cliente_externo.diagnostico.administration-route:maturity_below_8", "customer_ops.cliente_externo.explicacao.administration-route:maturity_below_8", "customer_ops.contador.acao.administration-route:maturity_below_8", "customer_ops.contador.auditoria.administration-route:maturity_below_8", "customer_ops.contador.consulta.administration-route:maturity_below_8", "customer_ops.contador.diagnostico.administration-route:maturity_below_8", "customer_ops.contador.explicacao.administration-route:maturity_below_8", "customer_ops.financeiro.acao.administration-route:maturity_below_8", "customer_ops.financeiro.auditoria.administration-route:maturity_below_8", "customer_ops.financeiro.consulta.administration-route:maturity_below_8", "customer_ops.financeiro.diagnostico.administration-route:maturity_below_8", "customer_ops.financeiro.explicacao.administration-route:maturity_below_8", "customer_ops.gestor_operacional.acao.administration-route:maturity_below_8", "customer_ops.gestor_operacional.auditoria.administration-route:maturity_below_8", "customer_ops.gestor_operacional.consulta.administration-route:maturity_below_8", "customer_ops.gestor_operacional.diagnostico.administration-route:maturity_below_8", "customer_ops.gestor_operacional.explicacao.administration-route:maturity_below_8", "customer_ops.juridico.acao.administration-route:maturity_below_8", "customer_ops.juridico.auditoria.administration-route:maturity_below_8", "customer_ops.juridico.consulta.administration-route:maturity_below_8", "customer_ops.juridico.diagnostico.administration-route:maturity_below_8", "customer_ops.juridico.explicacao.administration-route:maturity_below_8", "customer_ops.planejamento_estrategico.acao.administration-route:maturity_below_8", "customer_ops.planejamento_estrategico.auditoria.administration-route:maturity_below_8", "customer_ops.planejamento_estrategico.consulta.administration-route:maturity_below_8", "customer_ops.planejamento_estrategico.diagnostico.administration-route:maturity_below_8", "customer_ops.planejamento_estrategico.explicacao.administration-route:maturity_below_8", "customer_ops.secretaria.acao.administration-route:maturity_below_8", "customer_ops.secretaria.auditoria.administration-route:maturity_below_8", "customer_ops.secretaria.consulta.administration-route:maturity_below_8", "customer_ops.secretaria.diagnostico.administration-route:maturity_below_8", "customer_ops.secretaria.explicacao.administration-route:maturity_below_8", "customer_ops.suporte.acao.administration-route:maturity_below_8", "customer_ops.suporte.auditoria.administration-route:maturity_below_8", "customer_ops.suporte.consulta.administration-route:maturity_below_8", "customer_ops.suporte.diagnostico.administration-route:maturity_below_8", "customer_ops.suporte.explicacao.administration-route:maturity_below_8", "customer_ops.tecnico.acao.administration-route:maturity_below_8", "customer_ops.tecnico.auditoria.administration-route:maturity_below_8", "customer_ops.tecnico.consulta.administration-route:maturity_below_8", "customer_ops.tecnico.diagnostico.administration-route:maturity_below_8", "customer_ops.tecnico.explicacao.administration-route:maturity_below_8", "customer_ops.usuario_final.acao.administration-route:maturity_below_8", "customer_ops.usuario_final.auditoria.administration-route:maturity_below_8", "customer_ops.usuario_final.consulta.administration-route:maturity_below_8", "customer_ops.usuario_final.diagnostico.administration-route:maturity_below_8", "customer_ops.usuario_final.explicacao.administration-route:maturity_below_8", "docs.administrador_empresa.acao.administration-route:maturity_below_8", "docs.administrador_empresa.auditoria.administration-route:maturity_below_8", "docs.administrador_empresa.consulta.administration-route:maturity_below_8", "docs.administrador_empresa.diagnostico.administration-route:maturity_below_8", "docs.administrador_empresa.explicacao.administration-route:maturity_below_8", "docs.atendimento_cliente.acao.administration-route:maturity_below_8", "docs.atendimento_cliente.auditoria.administration-route:maturity_below_8", "docs.atendimento_cliente.consulta.administration-route:maturity_below_8", "docs.atendimento_cliente.diagnostico.administration-route:maturity_below_8", "docs.atendimento_cliente.explicacao.administration-route:maturity_below_8", "docs.ceo.acao.administration-route:maturity_below_8", "docs.ceo.auditoria.administration-route:maturity_below_8", "docs.ceo.consulta.administration-route:maturity_below_8", "docs.ceo.diagnostico.administration-route:maturity_below_8", "docs.ceo.explicacao.administration-route:maturity_below_8" ], "control_plane_id": "tudo-para-ia-mcps-internos-plataform", "evidence_id": "evidence-3e8315d3681d99686af5b998", "generated_at": "2026-05-02T10:23:15+00:00", "operations": { "acao": 182, "auditoria": 182, "consulta": 182, "diagnostico": 182, "explicacao": 182 }, "partial_cases": 325, "platforms": { "business": 65, "compliance": 65, "customer_ops": 65, "docs": 65, "finance": 65, "gettys": 65, "identity": 65, "integracoes": 65, "intelligence": 65, "mcps": 65, "platform_base": 65, "public": 65, "stj": 65, "ui": 65 }, "platforms_count": 14, "profiles_count": 13, "provider_id": "mais_humana", "ready_cases": 520, "source_hash": "f9844f598bfbfb968acea6465fc4b8f7a277b5b071003f3808d1581ce3112363", "total_cases": 910 } }