@ar-agents/mercadopago 0.4.0 → 0.5.0

package/dist/index.js

@@ -505,6 +505,9 @@ var MercadoPagoClient = class {
     if (params.expires !== void 0) body.expires = params.expires;
     if (params.expirationDateFrom) body.expiration_date_from = params.expirationDateFrom;
     if (params.expirationDateTo) body.expiration_date_to = params.expirationDateTo;
+    if (params.marketplace) body.marketplace = params.marketplace;
+    if (params.marketplaceFee !== void 0) body.marketplace_fee = params.marketplaceFee;
+    if (params.collectorId !== void 0) body.collector_id = params.collectorId;
     return this.request("POST", "/checkout/preferences", body);
   }
   async getPreference(id) {
@@ -894,1081 +897,67 @@ var MercadoPagoClient = class {
   async deleteWebhook(id) {
     await this.request("DELETE", `/v1/webhooks/${id}`);
   }
-};
-function deterministicIdempotencyKey(...parts) {
-  const payload = parts.filter((p) => p !== void 0 && p !== null).map(String).join("|");
-  return createHash("sha256").update(payload).digest("hex").slice(0, 32);
-}
-var DEFAULT_DESCRIPTIONS = {
-  // ── Subscriptions ────────────────────────────────────────────────────────
-  create_subscription: "Create a Mercado Pago recurring subscription. Returns an init_point URL where the customer must complete the FIRST payment with their card and CVV (this is a hard MP requirement; agents cannot bypass it). After they pay, MP will auto-charge at the configured frequency without further intervention.",
-  get_subscription_status: "Check the current status of a Mercado Pago subscription. Use this to confirm the customer completed the first payment (status becomes 'authorized') or to inspect the next charge date.",
-  cancel_subscription: "Cancel an active Mercado Pago subscription. After cancellation, MP will not charge the customer again. This action is irreversible \u2014 confirm with the user before calling.",
-  pause_subscription: "Pause an authorized Mercado Pago subscription. Charges stop until resumed. Only works on subscriptions in 'authorized' status.",
-  resume_subscription: "Resume a paused Mercado Pago subscription. Charges resume on the next scheduled date. Only works on subscriptions in 'paused' status.",
-  // ── Payments ─────────────────────────────────────────────────────────────
-  create_payment: "Create a one-time payment. Two flows: (a) with a card token from MP frontend Cardform \u2014 for transparent checkout; (b) without token, for non-card methods like 'account_money', 'rapipago', 'pagofacil'. For most agent flows where you only have a payer email and want to send them a payment link, use create_payment_preference instead (Checkout Pro hosted form). Returns the Payment object with status \u2014 typically 'approved' for account_money and 'pending' for tickets.",
-  get_payment: "Fetch a single payment by ID. Use to confirm status after webhook arrives, or to inspect details (status_detail explains rejections).",
-  search_payments: "Search payments with filters. Most common: by external_reference (your-system identifier) to find all payments for an order, or by status='approved' to list successful charges in a date range. Returns paginated results.",
-  cancel_payment: "Cancel a pending or in_process payment (only works before approval). Once approved, use refund_payment instead. Common use: cancel an unpaid ticket payment that's still pending.",
-  capture_payment: "Capture an authorized credit-card payment that was created with capture=false. Use for hold-then-capture flows (e.g., authorize on order, capture on shipment). Optional partial amount.",
-  // ── Refunds ──────────────────────────────────────────────────────────────
-  refund_payment: "Refund an approved payment. Pass amount for partial refund; omit for full refund. Idempotency key is auto-generated based on paymentId+amount to prevent double-refunds on retries.",
-  list_refunds: "List all refunds for a given payment. Returns array of Refund objects. Useful to confirm a refund was processed or to inspect partial-refund history.",
-  // ── Checkout Pro ─────────────────────────────────────────────────────────
-  create_payment_preference: "Create a Mercado Pago Checkout Pro preference and get back a payment URL (init_point) to send to the customer. THIS is the recommended way for an agent to take a payment when you only have a payer email \u2014 the buyer enters card data on MP's hosted form (no PCI scope needed). Supports cuotas configuration, payment method exclusions, back URLs after success/failure/pending. In sandbox, use sandbox_init_point from the response.",
-  get_payment_preference: "Fetch a Checkout Pro preference by ID. Returns the preference config and current init_point URLs. Use to inspect a previously-created link.",
-  // ── Customers + Cards ────────────────────────────────────────────────────
-  create_customer: "Create a Mercado Pago customer record so the buyer can save cards for future charges. Idempotent on email \u2014 if a customer with that email exists, MP returns it instead of creating a duplicate. Use find_customer_by_email first if you're unsure.",
-  find_customer_by_email: "Find an existing customer by email address. Returns the customer object if found, or null. Use before create_customer to avoid duplicate records.",
-  list_customer_cards: "List the saved cards for a customer. Returns array with last 4 digits, expiration, payment method (visa, master, naranja, etc.). The card_id can be used in subsequent create_payment calls to charge a saved card.",
-  delete_customer_card: "Delete a saved card from a customer. Common use: customer requests removal, or expired card cleanup. Irreversible.",
-  // ── Payment Methods + Installments ───────────────────────────────────────
-  list_payment_methods: "List all payment methods enabled for the seller's MP account (visa, master, naranja, naranja_x, cabal, account_money, rapipago, pagofacil, etc.). Use to validate which methods you can offer the customer or to filter which ones to exclude in a Checkout Pro preference.",
-  calculate_installments: "Calculate cuotas (installments) options for a given amount. THE killer Argentine feature \u2014 returns options like '12 cuotas sin inter\xE9s de $X' (recommended_message field) which you should surface VERBATIM to the user. Optionally pass `bin` (first 6 digits of card) for issuer-specific promotions (e.g., Naranja's interest-free deals). Use before create_payment to let the user pick installments knowingly.",
-  // ── Account ──────────────────────────────────────────────────────────────
-  get_account_info: "Get info about the Mercado Pago account that owns the access token: site_id (MLA=Argentina), country_id, user_type (registered, partial, etc.). Useful to verify the agent is connected to the right account before taking actions.",
-  // ── Saved-card charging (v0.3) ───────────────────────────────────────────
-  charge_saved_card: "Charge a previously-saved card for a returning customer. Requires customer_id + card_id (from list_customer_cards) AND a fresh CVV the user provides this session. AR Mercado Pago does NOT support CVV-less charges via the public API \u2014 every charge needs CVV. Idempotent on (card_id, amount, external_reference): retries dedupe automatically. Returns the resulting Payment.",
-  // ── QR in-store (v0.3) ───────────────────────────────────────────────────
-  create_qr_payment: "Generate a dynamic in-store QR for a buyer to scan with any AR wallet (Modo, BNA+, Cuenta DNI, Naranja X, Mercado Pago, etc. \u2014 interop is mandated by Transferencias 3.0). Requires a pre-configured POS external_id (use create_pos to set one up first if needed). Returns the qr_data string + a base64 PNG data URL ready to display. The QR expires in `expires_in_seconds` (default 600). MP fires `point_integration_wh` then `payment` webhooks when scanned.",
-  cancel_qr_payment: "Cancel a pending QR order on a POS. Necessary if the buyer never scans \u2014 otherwise the next create_qr_payment on the same POS returns 409.",
-  // ── Subscription Plans (v0.4) ────────────────────────────────────────────
-  create_subscription_plan: "Create a REUSABLE subscription plan (preapproval_plan). Different from create_subscription: a plan defines price + frequency once, then customers subscribe to it via subscribe_to_plan. Use plans for SaaS-style billing (B\xE1sico/Pro/Enterprise tiers). For per-customer custom amounts, use create_subscription directly.",
-  list_subscription_plans: "List all subscription plans defined for this MP account. Useful before create_subscription_plan to check if one already exists, or for surfacing options to a customer.",
-  update_subscription_plan: "Update a subscription plan's reason / amount / status / back_url. Existing customer subscriptions to the plan are NOT automatically updated \u2014 only NEW subscribers get the new pricing.",
-  subscribe_to_plan: "Subscribe a customer to an existing reusable plan. Returns a Preapproval with init_point URL where the customer completes first payment. Cleaner than create_subscription when you have fixed tiers.",
-  list_subscription_payments: "List the auto-charge attempts (authorized_payments) under a subscription. Useful for 'show me the cobros del \xFAltimo mes for this client' or to debug a failing recurring charge.",
-  // ── Stores + POS (v0.4) ──────────────────────────────────────────────────
-  create_store: "Create a store under the seller's MP account. Stores are the parent entity for POSes (which generate QR payments). Required ONE-TIME setup before create_pos. Pass a unique external_id and a display name.",
-  list_stores: "List all stores configured for this MP account. Use this to find an existing store_id before create_pos, or to surface store options to the agent.",
-  create_pos: "Create a POS (Point of Sale) under a store. The POS's external_id is what create_qr_payment uses. Each physical checkout / counter / agent typically has its own POS. Categories are MP-defined (default 621102 = Other Food and Beverage Services).",
-  list_pos: "List all POSes for the seller (or filtered by store_id). Use to find an existing POS before create_qr_payment, or to surface options.",
-  // ── Disputes (v0.4 — read-only) ──────────────────────────────────────────
-  list_payment_disputes: "List all disputes / chargebacks raised against a payment. Read-only \u2014 resolution is dashboard-only. Surface the dashboard URL `https://www.mercadopago.com.ar/disputes/{dispute_id}` to the user when they need to respond.",
-  get_dispute: "Get details of a specific dispute including reason, amount, resolution status. Read-only.",
-  // ── Lookup helpers (v0.4) ────────────────────────────────────────────────
-  list_identification_types: "List valid identification types for the seller's site. AR returns: DNI, CI, LE, LC, Otro, Pasaporte, CUIT, CUIL with their min/max length. Useful to validate an identification before passing to create_payment.",
-  list_issuers: "List card issuers (banks) that support a payment_method_id. Optionally filter by `bin` (first 6 digits of the card) for accurate issuer detection. Useful with calculate_installments \u2014 issuer-specific promos (e.g., Naranja Galicia 6 cuotas sin inter\xE9s) only appear when the issuer is identified.",
-  // ── Webhooks management (v0.4) ───────────────────────────────────────────
-  list_webhooks: "List all webhook subscriptions configured for this MP application. Use to see what topics + URLs are wired before adding new ones.",
-  create_webhook: "Subscribe a webhook URL to a MP topic (payment, subscription_authorized_payment, subscription_preapproval, merchant_order, point_integration_wh). MP will POST to this URL when events of that topic fire.",
-  update_webhook: "Update a webhook's URL or topic. Useful when you change deployment URLs without resubscribing from scratch.",
-  delete_webhook: "Delete a webhook subscription. MP stops POSTing to it immediately."
-};
-function mercadoPagoTools(client, options) {
-  const desc = (name) => options.descriptions?.[name] ?? DEFAULT_DESCRIPTIONS[name];
-  return {
-    // ─────────────────────────────────────────────────────────────────────────
-    // Subscriptions (v0.1 — kept identical for backward compatibility)
-    // ─────────────────────────────────────────────────────────────────────────
-    create_subscription: tool({
-      description: desc("create_subscription"),
-      inputSchema: z.object({
-        customer_email: z.string().email().describe("Email of the customer who will be charged"),
-        amount_ars: z.number().positive().describe("Amount in Argentine Pesos per recurring charge"),
-        frequency_months: z.number().int().positive().max(12).describe("Frequency in months (1=monthly, 3=quarterly, 12=yearly)"),
-        reason: z.string().min(3).max(120).describe("Short description shown to the customer at checkout"),
-        external_reference: z.string().optional().describe("Optional id from your system to track this subscription")
-      }),
-      execute: async ({ customer_email, amount_ars, frequency_months, reason, external_reference }) => {
-        const created = await client.createPreapproval({
-          reason,
-          payerEmail: customer_email,
-          amount: amount_ars,
-          currency: "ARS",
-          frequency: frequency_months,
-          frequencyType: "months",
-          backUrl: options.backUrl,
-          ...external_reference !== void 0 ? { externalReference: external_reference } : {}
-        });
-        await options.state.set(created.id, {
-          status: created.status,
-          payerEmail: customer_email,
-          amount: amount_ars,
-          currency: "ARS",
-          frequency: frequency_months,
-          frequencyType: "months",
-          initPoint: created.init_point,
-          ...external_reference !== void 0 ? { externalReference: external_reference } : {},
-          createdAt: (/* @__PURE__ */ new Date()).toISOString()
-        });
-        return {
-          subscription_id: created.id,
-          status: created.status,
-          init_point_url: created.init_point,
-          next_step: "Send init_point_url to the customer. They must complete the first payment with card+CVV. Use get_subscription_status to confirm activation after they pay."
-        };
-      }
-    }),
-    get_subscription_status: tool({
-      description: desc("get_subscription_status"),
-      inputSchema: z.object({
-        subscription_id: z.string().describe("The Mercado Pago subscription/preapproval ID")
-      }),
-      execute: async ({ subscription_id }) => {
-        const fresh = await client.getPreapproval(subscription_id);
-        const cached = await options.state.get(subscription_id);
-        return {
-          subscription_id: fresh.id,
-          status: fresh.status,
-          payer_email: fresh.payer_email,
-          amount: fresh.auto_recurring.transaction_amount,
-          currency: fresh.auto_recurring.currency_id,
-          next_payment_date: fresh.next_payment_date ?? null,
-          last_webhook_status: cached?.lastWebhookStatus ?? null,
-          last_webhook_at: cached?.lastWebhookAt ?? null
-        };
-      }
-    }),
-    cancel_subscription: tool({
-      description: desc("cancel_subscription"),
-      inputSchema: z.object({
-        subscription_id: z.string().describe("The Mercado Pago subscription/preapproval ID to cancel")
-      }),
-      execute: async ({ subscription_id }) => {
-        const cancelled = await client.cancelPreapproval(subscription_id);
-        await options.state.set(subscription_id, {
-          status: cancelled.status,
-          cancelledAt: (/* @__PURE__ */ new Date()).toISOString()
-        });
-        return {
-          subscription_id: cancelled.id,
-          status: cancelled.status,
-          message: "Subscription cancelled. No further charges will occur."
-        };
-      }
-    }),
-    pause_subscription: tool({
-      description: desc("pause_subscription"),
-      inputSchema: z.object({ subscription_id: z.string() }),
-      execute: async ({ subscription_id }) => {
-        const paused = await client.pausePreapproval(subscription_id);
-        await options.state.set(subscription_id, { status: paused.status });
-        return {
-          subscription_id: paused.id,
-          status: paused.status,
-          message: "Subscription paused. Use resume_subscription to reactivate."
-        };
-      }
-    }),
-    resume_subscription: tool({
-      description: desc("resume_subscription"),
-      inputSchema: z.object({ subscription_id: z.string() }),
-      execute: async ({ subscription_id }) => {
-        const resumed = await client.resumePreapproval(subscription_id);
-        await options.state.set(subscription_id, { status: resumed.status });
-        return {
-          subscription_id: resumed.id,
-          status: resumed.status,
-          message: "Subscription resumed. Charges will continue on next scheduled date."
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Payments (v0.2)
-    // ─────────────────────────────────────────────────────────────────────────
-    create_payment: tool({
-      description: desc("create_payment"),
-      inputSchema: z.object({
-        amount_ars: z.number().positive().describe("Amount in ARS"),
-        payment_method_id: z.string().describe("MP payment method id (e.g. 'account_money', 'rapipago', 'visa', 'master', 'naranja')"),
-        payer_email: z.string().email().describe("Email of the payer. Cannot equal seller email."),
-        token: z.string().optional().describe("Card token from MP frontend Cardform. Required for credit/debit; omit for cash/account_money."),
-        installments: z.number().int().min(1).max(24).optional().describe("Number of installments (cuotas). Default 1. Use calculate_installments first to see options."),
-        description: z.string().max(255).optional().describe("Short description"),
-        external_reference: z.string().optional().describe("Your-system identifier"),
-        identification: z.object({
-          type: z.enum(["DNI", "CUIT", "CUIL"]),
-          number: z.string()
-        }).optional().describe("Payer identification \u2014 required for some payment types in AR"),
-        statement_descriptor: z.string().max(13).optional().describe("Shows on buyer's card statement (max 13 chars)")
-      }),
-      execute: async (input) => {
-        const payment = await client.createPayment({
-          transactionAmount: input.amount_ars,
-          paymentMethodId: input.payment_method_id,
-          payerEmail: input.payer_email,
-          ...input.token !== void 0 ? { token: input.token } : {},
-          ...input.installments !== void 0 ? { installments: input.installments } : {},
-          ...input.description !== void 0 ? { description: input.description } : {},
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.identification !== void 0 ? { identification: input.identification } : {},
-          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
-          ...options.notificationUrl !== void 0 ? { notificationUrl: options.notificationUrl } : {},
-          // Deterministic idempotency key — safe to retry, same inputs always
-          // produce the same key (MP dedupes on its side).
-          idempotencyKey: deterministicIdempotencyKey(
-            "create_payment",
-            input.external_reference ?? input.payer_email,
-            input.amount_ars,
-            input.payment_method_id,
-            input.token
-          )
-        });
-        return {
-          payment_id: payment.id,
-          status: payment.status,
-          status_detail: payment.status_detail,
-          amount: payment.transaction_amount,
-          currency: payment.currency_id,
-          installments: payment.installments,
-          payment_method: payment.payment_method_id,
-          payer_email: payment.payer?.email ?? null,
-          external_reference: payment.external_reference,
-          date_created: payment.date_created,
-          date_approved: payment.date_approved
-        };
-      }
-    }),
-    get_payment: tool({
-      description: desc("get_payment"),
-      inputSchema: z.object({
-        payment_id: z.string().describe("The MP payment ID")
-      }),
-      execute: async ({ payment_id }) => {
-        const p = await client.getPayment(payment_id);
-        return {
-          payment_id: p.id,
-          status: p.status,
-          status_detail: p.status_detail,
-          amount: p.transaction_amount,
-          currency: p.currency_id,
-          payment_method: p.payment_method_id,
-          installments: p.installments,
-          payer_email: p.payer?.email ?? null,
-          external_reference: p.external_reference,
-          date_created: p.date_created,
-          date_approved: p.date_approved,
-          net_received: p.transaction_details?.net_received_amount ?? null
-        };
-      }
-    }),
-    search_payments: tool({
-      description: desc("search_payments"),
-      inputSchema: z.object({
-        external_reference: z.string().optional(),
-        status: z.string().optional().describe("'approved' | 'pending' | 'rejected' | 'cancelled' | 'refunded' etc."),
-        payer_email: z.string().optional(),
-        begin_date: z.string().optional().describe("ISO 8601, e.g. 2026-01-01T00:00:00Z"),
-        end_date: z.string().optional().describe("ISO 8601"),
-        limit: z.number().int().min(1).max(100).optional().describe("Default 30, max 100"),
-        offset: z.number().int().min(0).optional().describe("Pagination offset (default 0)")
-      }),
-      execute: async (input) => {
-        const result = await client.searchPayments({
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.status !== void 0 ? { status: input.status } : {},
-          ...input.payer_email !== void 0 ? { payerEmail: input.payer_email } : {},
-          ...input.begin_date !== void 0 ? { beginDate: input.begin_date } : {},
-          ...input.end_date !== void 0 ? { endDate: input.end_date } : {},
-          ...input.limit !== void 0 ? { limit: input.limit } : {},
-          ...input.offset !== void 0 ? { offset: input.offset } : {}
-        });
-        return {
-          total: result.paging.total,
-          returned: result.results.length,
-          offset: result.paging.offset,
-          payments: result.results.map((p) => ({
-            payment_id: p.id,
-            status: p.status,
-            amount: p.transaction_amount,
-            currency: p.currency_id,
-            payer_email: p.payer?.email ?? null,
-            external_reference: p.external_reference,
-            date_created: p.date_created
-          }))
-        };
-      }
-    }),
-    cancel_payment: tool({
-      description: desc("cancel_payment"),
-      inputSchema: z.object({ payment_id: z.string() }),
-      execute: async ({ payment_id }) => {
-        const cancelled = await client.cancelPayment(payment_id);
-        return {
-          payment_id: cancelled.id,
-          status: cancelled.status,
-          message: "Payment cancelled. If it was already approved, use refund_payment instead."
-        };
-      }
-    }),
-    capture_payment: tool({
-      description: desc("capture_payment"),
-      inputSchema: z.object({
-        payment_id: z.string(),
-        amount_ars: z.number().positive().optional().describe("Optional partial-capture amount. Omit to capture full authorized amount.")
-      }),
-      execute: async ({ payment_id, amount_ars }) => {
-        const captured = await client.capturePayment(payment_id, amount_ars);
-        return {
-          payment_id: captured.id,
-          status: captured.status,
-          amount: captured.transaction_amount
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Refunds
-    // ─────────────────────────────────────────────────────────────────────────
-    refund_payment: tool({
-      description: desc("refund_payment"),
-      inputSchema: z.object({
-        payment_id: z.string(),
-        amount_ars: z.number().positive().optional().describe("Partial-refund amount in ARS. Omit for full refund.")
-      }),
-      execute: async ({ payment_id, amount_ars }) => {
-        const refund = await client.createRefund({
-          paymentId: payment_id,
-          ...amount_ars !== void 0 ? { amount: amount_ars } : {},
-          idempotencyKey: deterministicIdempotencyKey("refund", payment_id, amount_ars ?? "full")
-        });
-        return {
-          refund_id: refund.id,
-          payment_id: refund.payment_id,
-          amount: refund.amount,
-          status: refund.status,
-          message: amount_ars === void 0 ? "Full refund issued. Funds return to the buyer in 3-10 business days." : `Partial refund of ${amount_ars} ARS issued.`
-        };
-      }
-    }),
-    list_refunds: tool({
-      description: desc("list_refunds"),
-      inputSchema: z.object({ payment_id: z.string() }),
-      execute: async ({ payment_id }) => {
-        const refunds = await client.listRefunds(payment_id);
-        return {
-          payment_id,
-          count: refunds.length,
-          refunds: refunds.map((r) => ({
-            refund_id: r.id,
-            amount: r.amount,
-            status: r.status,
-            date_created: r.date_created
-          }))
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Checkout Pro
-    // ─────────────────────────────────────────────────────────────────────────
-    create_payment_preference: tool({
-      description: desc("create_payment_preference"),
-      inputSchema: z.object({
-        items: z.array(z.object({
-          title: z.string().min(1).max(256),
-          quantity: z.number().int().positive(),
-          unit_price: z.number().positive(),
-          description: z.string().optional(),
-          picture_url: z.string().url().optional()
-        })).min(1).describe("Items being charged. At least one required."),
-        payer_email: z.string().email().optional().describe("Pre-fill the payer email on Checkout Pro form"),
-        external_reference: z.string().optional(),
-        max_installments: z.number().int().min(1).max(24).optional().describe("Limit max cuotas offered. Defaults to MP account config."),
-        statement_descriptor: z.string().max(13).optional(),
-        excluded_payment_types: z.array(z.enum(["credit_card", "debit_card", "ticket", "atm", "bank_transfer"])).optional().describe("Block payment types \u2014 e.g., ['ticket'] to disable Rapipago/Pago F\xE1cil")
-      }),
-      execute: async (input) => {
-        const pref = await client.createPreference({
-          items: input.items.map((it) => ({
-            title: it.title,
-            quantity: it.quantity,
-            unit_price: it.unit_price,
-            currency_id: "ARS",
-            ...it.description !== void 0 ? { description: it.description } : {},
-            ...it.picture_url !== void 0 ? { picture_url: it.picture_url } : {}
-          })),
-          ...input.payer_email !== void 0 ? { payer: { email: input.payer_email } } : {},
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
-          backUrls: { success: options.backUrl, failure: options.backUrl, pending: options.backUrl },
-          autoReturn: "approved",
-          ...options.notificationUrl !== void 0 ? { notificationUrl: options.notificationUrl } : {},
-          ...input.max_installments !== void 0 || input.excluded_payment_types !== void 0 ? {
-            paymentMethods: {
-              ...input.max_installments !== void 0 ? { installments: input.max_installments } : {},
-              ...input.excluded_payment_types !== void 0 ? { excluded_payment_types: input.excluded_payment_types.map((id) => ({ id })) } : {}
-            }
-          } : {}
-        });
-        return {
-          preference_id: pref.id,
-          init_point_url: pref.init_point ?? null,
-          sandbox_init_point_url: pref.sandbox_init_point ?? null,
-          external_reference: pref.external_reference,
-          date_created: pref.date_created,
-          next_step: "Send init_point_url (or sandbox_init_point_url in sandbox) to the customer. After they pay, MP fires a webhook with the payment_id; use get_payment to confirm status."
-        };
-      }
-    }),
-    get_payment_preference: tool({
-      description: desc("get_payment_preference"),
-      inputSchema: z.object({ preference_id: z.string() }),
-      execute: async ({ preference_id }) => {
-        const pref = await client.getPreference(preference_id);
-        return {
-          preference_id: pref.id,
-          init_point_url: pref.init_point ?? null,
-          sandbox_init_point_url: pref.sandbox_init_point ?? null,
-          external_reference: pref.external_reference,
-          items: pref.items,
-          date_created: pref.date_created
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Customers + Saved Cards
-    // ─────────────────────────────────────────────────────────────────────────
-    create_customer: tool({
-      description: desc("create_customer"),
-      inputSchema: z.object({
-        email: z.string().email(),
-        first_name: z.string().optional(),
-        last_name: z.string().optional(),
-        identification: z.object({
-          type: z.enum(["DNI", "CUIT", "CUIL"]),
-          number: z.string()
-        }).optional(),
-        description: z.string().optional()
-      }),
-      execute: async (input) => {
-        const customer = await client.createCustomer({
-          email: input.email,
-          ...input.first_name !== void 0 ? { firstName: input.first_name } : {},
-          ...input.last_name !== void 0 ? { lastName: input.last_name } : {},
-          ...input.identification !== void 0 ? { identification: input.identification } : {},
-          ...input.description !== void 0 ? { description: input.description } : {}
-        });
-        return {
-          customer_id: customer.id,
-          email: customer.email,
-          first_name: customer.first_name,
-          last_name: customer.last_name,
-          date_created: customer.date_created
-        };
-      }
-    }),
-    find_customer_by_email: tool({
-      description: desc("find_customer_by_email"),
-      inputSchema: z.object({ email: z.string().email() }),
-      execute: async ({ email }) => {
-        const result = await client.searchCustomers({ email, limit: 1 });
-        const customer = result.results[0] ?? null;
-        return customer ? {
-          found: true,
-          customer_id: customer.id,
-          email: customer.email,
-          first_name: customer.first_name,
-          last_name: customer.last_name
-        } : { found: false, customer_id: null };
-      }
-    }),
-    list_customer_cards: tool({
-      description: desc("list_customer_cards"),
-      inputSchema: z.object({ customer_id: z.string() }),
-      execute: async ({ customer_id }) => {
-        const cards = await client.listCustomerCards(customer_id);
-        return {
-          customer_id,
-          count: cards.length,
-          cards: cards.map((c) => ({
-            card_id: c.id,
-            last_four_digits: c.last_four_digits,
-            expiration_month: c.expiration_month,
-            expiration_year: c.expiration_year,
-            payment_method: c.payment_method?.id ?? null,
-            payment_method_name: c.payment_method?.name ?? null
-          }))
-        };
-      }
-    }),
-    delete_customer_card: tool({
-      description: desc("delete_customer_card"),
-      inputSchema: z.object({
-        customer_id: z.string(),
-        card_id: z.string()
-      }),
-      execute: async ({ customer_id, card_id }) => {
-        await client.deleteCustomerCard(customer_id, card_id);
-        return { customer_id, card_id, deleted: true };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Payment Methods + Installments
-    // ─────────────────────────────────────────────────────────────────────────
-    list_payment_methods: tool({
-      description: desc("list_payment_methods"),
-      inputSchema: z.object({}),
-      execute: async () => {
-        const methods = await client.listPaymentMethods();
-        return {
-          count: methods.length,
-          methods: methods.map((m) => ({
-            id: m.id,
-            name: m.name,
-            payment_type: m.payment_type_id,
-            status: m.status,
-            min_amount: m.min_allowed_amount,
-            max_amount: m.max_allowed_amount
-          }))
-        };
-      }
-    }),
-    calculate_installments: tool({
-      description: desc("calculate_installments"),
-      inputSchema: z.object({
-        amount_ars: z.number().positive(),
-        payment_method_id: z.string().optional().describe("E.g. 'visa', 'master', 'naranja'. Omit for all available methods."),
-        bin: z.string().min(6).max(8).optional().describe("First 6-8 digits of card for issuer-specific offers (e.g., Naranja interest-free promotions)")
-      }),
-      execute: async (input) => {
-        const offers = await client.getInstallments({
-          amount: input.amount_ars,
-          ...input.payment_method_id !== void 0 ? { paymentMethodId: input.payment_method_id } : {},
-          ...input.bin !== void 0 ? { bin: input.bin } : {}
-        });
-        return {
-          amount: input.amount_ars,
-          offers: offers.map((o) => ({
-            payment_method_id: o.payment_method_id,
-            payment_type_id: o.payment_type_id,
-            issuer_name: o.issuer?.name ?? null,
-            options: o.payer_costs.map((pc) => ({
-              installments: pc.installments,
-              installment_amount: pc.installment_amount,
-              total_amount: pc.total_amount,
-              installment_rate: pc.installment_rate,
-              recommended_message: pc.recommended_message
-            }))
-          }))
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Account
-    // ─────────────────────────────────────────────────────────────────────────
-    get_account_info: tool({
-      description: desc("get_account_info"),
-      inputSchema: z.object({}),
-      execute: async () => {
-        const me = await client.getMe();
-        return {
-          account_id: me.id,
-          email: me.email,
-          nickname: me.nickname,
-          country_id: me.country_id,
-          site_id: me.site_id,
-          user_type: me.user_type
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Saved-card charging (v0.3)
-    // ─────────────────────────────────────────────────────────────────────────
-    charge_saved_card: tool({
-      description: desc("charge_saved_card"),
-      inputSchema: z.object({
-        customer_id: z.string().describe("MP customer id (from create_customer / find_customer_by_email)"),
-        card_id: z.string().describe("Saved card id (from list_customer_cards)"),
-        security_code: z.string().regex(/^\d{3,4}$/).describe("CVV \u2014 3 digits (Visa/Master) or 4 (Amex). User must provide this each charge in AR."),
-        amount_ars: z.number().positive(),
-        description: z.string().min(1).max(255),
-        installments: z.number().int().min(1).max(24).optional().describe("Default 1. Use calculate_installments first to pick a valid count."),
-        external_reference: z.string().optional(),
-        statement_descriptor: z.string().max(13).optional()
-      }),
-      execute: async (input) => {
-        const payment = await client.chargeSavedCard({
-          customerId: input.customer_id,
-          cardId: input.card_id,
-          securityCode: input.security_code,
-          amount: input.amount_ars,
-          description: input.description,
-          ...input.installments !== void 0 ? { installments: input.installments } : {},
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
-          idempotencyKey: deterministicIdempotencyKey(
-            "charge_saved_card",
-            input.card_id,
-            input.amount_ars,
-            input.external_reference
-          )
-        });
-        return {
-          payment_id: payment.id,
-          status: payment.status,
-          status_detail: payment.status_detail,
-          amount: payment.transaction_amount,
-          installments: payment.installments,
-          payment_method: payment.payment_method_id,
-          customer_id: input.customer_id,
-          card_id: input.card_id,
-          external_reference: payment.external_reference,
-          date_approved: payment.date_approved
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // QR in-store (v0.3)
-    // ─────────────────────────────────────────────────────────────────────────
-    create_qr_payment: tool({
-      description: desc("create_qr_payment"),
-      inputSchema: z.object({
-        external_pos_id: z.string().describe("Pre-configured POS external_id from MP dashboard. Required."),
-        amount_ars: z.number().positive(),
-        title: z.string().min(1).max(80).describe("Display title shown when scanning"),
-        description: z.string().max(255).optional(),
-        external_reference: z.string().optional(),
-        notification_url: z.string().url().optional().describe("Webhook URL \u2014 falls back to dashboard config if omitted"),
-        expires_in_seconds: z.number().int().min(60).max(3600).optional().describe("Default 600 (10 min)")
-      }),
-      execute: async (input) => {
-        const QRCode = (await import('qrcode')).default;
-        const me = await client.getMe();
-        const userId = String(me.id);
-        const expiresAt = new Date(
-          Date.now() + (input.expires_in_seconds ?? 600) * 1e3
-        ).toISOString();
-        const qr = await client.createQrPayment(userId, {
-          externalPosId: input.external_pos_id,
-          totalAmount: input.amount_ars,
-          title: input.title,
-          ...input.description !== void 0 ? { description: input.description } : {},
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.notification_url !== void 0 ? { notificationUrl: input.notification_url } : {},
-          expirationDate: expiresAt
-        });
-        const qrDataUrl = await QRCode.toDataURL(qr.qr_data, {
-          errorCorrectionLevel: "M",
-          margin: 1,
-          width: 512
-        });
-        return {
-          in_store_order_id: qr.in_store_order_id,
-          qr_data: qr.qr_data,
-          qr_data_url: qrDataUrl,
-          expires_at: expiresAt,
-          external_pos_id: input.external_pos_id,
-          amount: input.amount_ars,
-          next_step: "Display the qr_data_url image to the buyer. Wait for the payment webhook (point_integration_wh fires first, then payment topic). If buyer doesn't scan in time, call cancel_qr_payment to free the POS."
-        };
-      }
-    }),
-    cancel_qr_payment: tool({
-      description: desc("cancel_qr_payment"),
-      inputSchema: z.object({
-        external_pos_id: z.string()
-      }),
-      execute: async ({ external_pos_id }) => {
-        const me = await client.getMe();
-        await client.cancelQrPayment(String(me.id), external_pos_id);
-        return { external_pos_id, cancelled: true };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Subscription Plans (v0.4)
-    // ─────────────────────────────────────────────────────────────────────────
-    create_subscription_plan: tool({
-      description: desc("create_subscription_plan"),
-      inputSchema: z.object({
-        reason: z.string().min(3).max(120).describe("Plan name shown at checkout"),
-        amount_ars: z.number().positive(),
-        frequency_months: z.number().int().min(1).max(12),
-        back_url: z.string().url().describe("HTTPS URL where MP redirects after first payment"),
-        external_reference: z.string().optional(),
-        free_trial_days: z.number().int().min(1).max(60).optional().describe("Free trial period in days before first charge")
-      }),
-      execute: async (input) => {
-        const plan = await client.createSubscriptionPlan({
-          reason: input.reason,
-          amount: input.amount_ars,
-          currency: "ARS",
-          frequency: input.frequency_months,
-          frequencyType: "months",
-          backUrl: input.back_url,
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
-          ...input.free_trial_days !== void 0 ? { freeTrialFrequency: input.free_trial_days, freeTrialFrequencyType: "days" } : {}
-        });
-        return {
-          plan_id: plan.id,
-          status: plan.status,
-          reason: plan.reason,
-          amount: plan.auto_recurring.transaction_amount,
-          currency: plan.auto_recurring.currency_id,
-          frequency: `${plan.auto_recurring.frequency} ${plan.auto_recurring.frequency_type}`,
-          external_reference: plan.external_reference,
-          next_step: "Use subscribe_to_plan to enroll customers in this plan, or share its ID for them to subscribe via your frontend."
-        };
-      }
-    }),
-    list_subscription_plans: tool({
-      description: desc("list_subscription_plans"),
-      inputSchema: z.object({
-        status: z.string().optional(),
-        limit: z.number().int().min(1).max(100).optional()
-      }),
-      execute: async (input) => {
-        const result = await client.listSubscriptionPlans({
-          ...input.status !== void 0 ? { status: input.status } : {},
-          ...input.limit !== void 0 ? { limit: input.limit } : {}
-        });
-        return {
-          total: result.paging.total,
-          plans: result.results.map((p) => ({
-            plan_id: p.id,
-            reason: p.reason,
-            status: p.status,
-            amount: p.auto_recurring.transaction_amount,
-            currency: p.auto_recurring.currency_id,
-            frequency: `${p.auto_recurring.frequency} ${p.auto_recurring.frequency_type}`
-          }))
-        };
-      }
-    }),
-    update_subscription_plan: tool({
-      description: desc("update_subscription_plan"),
-      inputSchema: z.object({
-        plan_id: z.string(),
-        reason: z.string().optional(),
-        amount_ars: z.number().positive().optional(),
-        status: z.enum(["active", "cancelled"]).optional(),
-        back_url: z.string().url().optional()
-      }),
-      execute: async (input) => {
-        const updated = await client.updateSubscriptionPlan(input.plan_id, {
-          ...input.reason !== void 0 ? { reason: input.reason } : {},
-          ...input.amount_ars !== void 0 ? { amount: input.amount_ars } : {},
-          ...input.status !== void 0 ? { status: input.status } : {},
-          ...input.back_url !== void 0 ? { backUrl: input.back_url } : {}
-        });
-        return {
-          plan_id: updated.id,
-          status: updated.status,
-          reason: updated.reason,
-          amount: updated.auto_recurring.transaction_amount,
-          message: input.amount_ars !== void 0 ? "Updated. Existing subscribers keep their old amount; only NEW subscribers get the new pricing." : "Plan updated."
-        };
-      }
-    }),
-    subscribe_to_plan: tool({
-      description: desc("subscribe_to_plan"),
-      inputSchema: z.object({
-        plan_id: z.string(),
-        customer_email: z.string().email(),
-        external_reference: z.string().optional()
-      }),
-      execute: async (input) => {
-        const sub = await client.subscribeToPlan({
-          planId: input.plan_id,
-          payerEmail: input.customer_email,
-          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {}
-        });
-        return {
-          subscription_id: sub.id,
-          status: sub.status,
-          payer_email: sub.payer_email,
-          init_point_url: sub.init_point,
-          next_step: "Send init_point_url to the customer for first payment with card+CVV."
-        };
-      }
-    }),
-    list_subscription_payments: tool({
-      description: desc("list_subscription_payments"),
-      inputSchema: z.object({
-        subscription_id: z.string(),
-        limit: z.number().int().min(1).max(100).optional()
-      }),
-      execute: async (input) => {
-        const result = await client.listSubscriptionPayments(input.subscription_id, {
-          ...input.limit !== void 0 ? { limit: input.limit } : {}
-        });
-        return {
-          subscription_id: input.subscription_id,
-          total: result.paging.total,
-          payments: result.results.map((p) => ({
-            authorized_payment_id: p.id,
-            payment_id: p.payment_id ?? null,
-            status: p.status,
-            amount: p.transaction_amount ?? null,
-            currency: p.currency_id ?? null,
-            debit_date: p.debit_date ?? null,
-            next_retry_date: p.next_retry_date ?? null,
-            retry_attempt: p.retry_attempt ?? 0,
-            reason: p.reason ?? null
-          }))
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Stores + POS (v0.4)
-    // ─────────────────────────────────────────────────────────────────────────
-    create_store: tool({
-      description: desc("create_store"),
-      inputSchema: z.object({
-        name: z.string().min(1).max(80),
-        external_id: z.string().min(1).max(64).describe("Unique within the seller's stores"),
-        address_line: z.string().optional(),
-        city_name: z.string().optional(),
-        state_name: z.string().optional()
-      }),
-      execute: async (input) => {
-        const me = await client.getMe();
-        const store = await client.createStore(String(me.id), {
-          name: input.name,
-          externalId: input.external_id,
-          ...input.address_line || input.city_name || input.state_name ? {
-            location: {
-              ...input.address_line ? { addressLine: input.address_line } : {},
-              ...input.city_name ? { cityName: input.city_name } : {},
-              ...input.state_name ? { stateName: input.state_name } : {},
-              countryId: "AR"
-            }
-          } : {}
-        });
-        return {
-          store_id: store.id,
-          name: store.name,
-          external_id: store.external_id,
-          next_step: "Use create_pos with this store_id to add a Point of Sale where create_qr_payment can issue QRs."
-        };
-      }
-    }),
-    list_stores: tool({
-      description: desc("list_stores"),
-      inputSchema: z.object({
-        limit: z.number().int().min(1).max(100).optional()
-      }),
-      execute: async (input) => {
-        const me = await client.getMe();
-        const result = await client.listStores(String(me.id), {
-          ...input.limit !== void 0 ? { limit: input.limit } : {}
-        });
-        return {
-          total: result.paging.total,
-          stores: result.results.map((s) => ({
-            store_id: s.id,
-            name: s.name ?? null,
-            external_id: s.external_id ?? null
-          }))
-        };
-      }
-    }),
-    create_pos: tool({
-      description: desc("create_pos"),
-      inputSchema: z.object({
-        name: z.string().min(1).max(80),
-        external_id: z.string().min(1).max(64).describe("Unique within the store. This is what create_qr_payment uses."),
-        store_id: z.string().describe("From create_store / list_stores"),
-        category: z.number().int().optional().describe("MP category code, default 621102 (other food/beverage)"),
-        fixed_amount: z.boolean().optional().describe("True for static QR with fixed amount; false (default) for dynamic per-order QR")
-      }),
-      execute: async (input) => {
-        const pos = await client.createPos({
-          name: input.name,
-          externalId: input.external_id,
-          storeId: input.store_id,
-          ...input.category !== void 0 ? { category: input.category } : {},
-          ...input.fixed_amount !== void 0 ? { fixedAmount: input.fixed_amount } : {}
-        });
-        return {
-          pos_id: pos.id,
-          external_id: pos.external_id,
-          store_id: pos.store_id,
-          name: pos.name,
-          next_step: "Use create_qr_payment with this external_id to start issuing dynamic QRs from this POS."
-        };
-      }
-    }),
-    list_pos: tool({
-      description: desc("list_pos"),
-      inputSchema: z.object({
-        store_id: z.string().optional(),
-        limit: z.number().int().min(1).max(100).optional()
-      }),
-      execute: async (input) => {
-        const result = await client.listPos({
-          ...input.store_id !== void 0 ? { storeId: input.store_id } : {},
-          ...input.limit !== void 0 ? { limit: input.limit } : {}
-        });
-        return {
-          total: result.paging.total,
-          pos: result.results.map((p) => ({
-            pos_id: p.id,
-            external_id: p.external_id ?? null,
-            store_id: p.store_id ?? null,
-            name: p.name ?? null
-          }))
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Disputes (v0.4 — read-only)
-    // ─────────────────────────────────────────────────────────────────────────
-    list_payment_disputes: tool({
-      description: desc("list_payment_disputes"),
-      inputSchema: z.object({ payment_id: z.string() }),
-      execute: async ({ payment_id }) => {
-        const disputes = await client.listPaymentDisputes(payment_id);
-        return {
-          payment_id,
-          count: disputes.length,
-          disputes: disputes.map((d) => ({
-            dispute_id: d.id,
-            status: d.status,
-            amount: d.amount ?? null,
-            reason: d.reason ?? null,
-            date_created: d.date_created ?? null,
-            dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
-          }))
-        };
-      }
-    }),
-    get_dispute: tool({
-      description: desc("get_dispute"),
-      inputSchema: z.object({
-        payment_id: z.string(),
-        dispute_id: z.string()
-      }),
-      execute: async ({ payment_id, dispute_id }) => {
-        const d = await client.getDispute(payment_id, dispute_id);
-        return {
-          dispute_id: d.id,
-          status: d.status,
-          amount: d.amount ?? null,
-          reason: d.reason ?? null,
-          reason_description: d.reason_description ?? null,
-          resolution: d.resolution ?? null,
-          date_created: d.date_created ?? null,
-          dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Lookup helpers (v0.4)
-    // ─────────────────────────────────────────────────────────────────────────
-    list_identification_types: tool({
-      description: desc("list_identification_types"),
-      inputSchema: z.object({}),
-      execute: async () => {
-        const types = await client.listIdentificationTypes();
-        return {
-          count: types.length,
-          types: types.map((t) => ({
-            id: t.id,
-            name: t.name,
-            type: t.type,
-            min_length: t.min_length ?? null,
-            max_length: t.max_length ?? null
-          }))
-        };
-      }
-    }),
-    list_issuers: tool({
-      description: desc("list_issuers"),
-      inputSchema: z.object({
-        payment_method_id: z.string().describe("E.g. 'visa', 'master', 'naranja'"),
-        bin: z.string().min(6).max(8).optional().describe("First 6-8 digits of card for precise issuer detection")
-      }),
-      execute: async (input) => {
-        const issuers = await client.listIssuers({
-          paymentMethodId: input.payment_method_id,
-          ...input.bin !== void 0 ? { bin: input.bin } : {}
-        });
-        return {
-          payment_method_id: input.payment_method_id,
-          count: issuers.length,
-          issuers: issuers.map((i) => ({
-            issuer_id: i.id,
-            name: i.name,
-            status: i.status ?? null
-          }))
-        };
-      }
-    }),
-    // ─────────────────────────────────────────────────────────────────────────
-    // Webhooks management (v0.4)
-    // ─────────────────────────────────────────────────────────────────────────
-    list_webhooks: tool({
-      description: desc("list_webhooks"),
-      inputSchema: z.object({}),
-      execute: async () => {
-        const hooks = await client.listWebhooks();
-        return {
-          count: hooks.length,
-          webhooks: hooks.map((h) => ({
-            webhook_id: h.id,
-            url: h.url ?? null,
-            topic: h.topic ?? null,
-            status: h.status ?? null,
-            date_created: h.date_created ?? null
-          }))
-        };
-      }
-    }),
-    create_webhook: tool({
-      description: desc("create_webhook"),
-      inputSchema: z.object({
-        url: z.string().url(),
-        topic: z.string().describe("E.g. 'payment', 'subscription_authorized_payment', 'subscription_preapproval', 'merchant_order', 'point_integration_wh'")
-      }),
-      execute: async ({ url, topic }) => {
-        const hook = await client.createWebhook({ url, topic });
-        return {
-          webhook_id: hook.id,
-          url: hook.url ?? url,
-          topic: hook.topic ?? topic,
-          status: hook.status ?? null
-        };
-      }
-    }),
-    update_webhook: tool({
-      description: desc("update_webhook"),
-      inputSchema: z.object({
-        webhook_id: z.string(),
-        url: z.string().url().optional(),
-        topic: z.string().optional()
-      }),
-      execute: async (input) => {
-        const hook = await client.updateWebhook(input.webhook_id, {
-          ...input.url !== void 0 ? { url: input.url } : {},
-          ...input.topic !== void 0 ? { topic: input.topic } : {}
-        });
-        return {
-          webhook_id: hook.id,
-          url: hook.url ?? null,
-          topic: hook.topic ?? null,
-          status: hook.status ?? null
-        };
-      }
-    }),
-    delete_webhook: tool({
-      description: desc("delete_webhook"),
-      inputSchema: z.object({ webhook_id: z.string() }),
-      execute: async ({ webhook_id }) => {
-        await client.deleteWebhook(webhook_id);
-        return { webhook_id, deleted: true };
-      }
-    })
-  };
-}
-
-// src/state.ts
-var InMemoryStateAdapter = class {
-  store = /* @__PURE__ */ new Map();
-  async set(id, state) {
-    const existing = this.store.get(id) ?? {};
-    this.store.set(id, { ...existing, ...state });
-  }
-  async get(id) {
-    return this.store.get(id) ?? null;
-  }
-  async list() {
-    return Array.from(this.store.keys());
-  }
-  /** Test helper: drop everything. Not part of the adapter interface. */
-  reset() {
-    this.store.clear();
-  }
+  // ──────────────────────────────────────────────────────────────────────────
+  // v0.5 — Order Management API
+  //
+  // The Order API is MP's newer abstraction for purchases, replacing some
+  // Preference flows. Distinct from Preference: Order is a transactional
+  // entity with explicit lifecycle (created → processed → captured/canceled),
+  // supports manual capture (auth-only, capture later), and can attach
+  // multiple payments to a single Order.
+  //
+  // Use Order when you need:
+  // - Auth-only flow (capture later, e.g. ride-share, hotels)
+  // - Multi-payment aggregation (one Order = N partial payments)
+  // - In-store + online unified status
+  //
+  // Stick with Preference (Checkout Pro) when you just need a hosted pay-link.
+  // ──────────────────────────────────────────────────────────────────────────
+  /**
+   * Create a new Order. Use `capture_mode: "manual"` for auth-only flows
+   * where you want to capture funds later (ride-share, hotels, marketplaces).
+   *
+   * For marketplace splits, set `marketplace`, `marketplace_fee`,
+   * `collector_id` — see `MarketplaceParams`.
+   */
+  async createOrder(params, options) {
+    const body = {
+      type: params.type
+    };
+    if (params.currency_id) body.currency_id = params.currency_id;
+    if (params.external_reference) body.external_reference = params.external_reference;
+    if (params.items) body.items = params.items;
+    if (params.total_amount !== void 0) body.total_amount = params.total_amount;
+    if (params.payer) body.payer = params.payer;
+    if (params.capture_mode) body.capture_mode = params.capture_mode;
+    if (params.notification_url) body.notification_url = params.notification_url;
+    if (params.marketplace) body.marketplace = params.marketplace;
+    if (params.marketplace_fee !== void 0) body.marketplace_fee = params.marketplace_fee;
+    if (params.collector_id !== void 0) body.collector_id = params.collector_id;
+    return this.request("POST", "/v1/orders", body, options);
+  }
+  async getOrder(id) {
+    return this.request("GET", `/v1/orders/${id}`);
+  }
+  async updateOrder(id, patch) {
+    return this.request("PUT", `/v1/orders/${id}`, patch);
+  }
+  /**
+   * Capture a previously-authorized Order (only for orders created with
+   * `capture_mode: "manual"`). Captures up to the originally-authorized
+   * amount; pass `amount` for partial capture.
+   */
+  async captureOrder(id, amount) {
+    const body = amount !== void 0 ? { amount } : {};
+    return this.request("POST", `/v1/orders/${id}/capture`, body);
+  }
+  /**
+   * Cancel an Order. Releases any auth-holds; marks the Order as canceled.
+   * For orders that have already been captured, use `createRefund` instead.
+   */
+  async cancelOrder(id) {
+    return this.request("POST", `/v1/orders/${id}/cancel`);
+  }
 };
 z.enum(["MLA", "MLB", "MLM", "MCO", "MLC", "MLU"]);
 var CurrencyIdSchema = z.enum(["ARS", "USD", "BRL", "MXN"]);
@@ -2267,8 +1256,122 @@ z.object({
   date_created: z.string().optional(),
   date_modified: z.string().optional()
 }).passthrough();
+var OAuthTokenSchema = z.object({
+  access_token: z.string(),
+  token_type: z.string().optional(),
+  /** Seconds until access_token expires. Typically 21600 (6h). */
+  expires_in: z.number().optional(),
+  scope: z.string().optional(),
+  /** The MP user_id of the seller who authorized your app. */
+  user_id: z.union([z.string(), z.number()]).transform(String),
+  refresh_token: z.string().optional(),
+  public_key: z.string().optional(),
+  live_mode: z.boolean().optional()
+}).passthrough();
+var OrderStatusSchema = z.union([
+  z.literal("created"),
+  z.literal("processed"),
+  z.literal("action_required"),
+  z.literal("canceled"),
+  z.literal("expired"),
+  z.literal("refunded"),
+  z.string()
+]);
+var OrderItemSchema = z.object({
+  title: z.string(),
+  unit_price: z.number(),
+  quantity: z.number(),
+  description: z.string().optional(),
+  id: z.string().optional(),
+  category_id: z.string().optional(),
+  picture_url: z.string().optional()
+}).passthrough();
+z.object({
+  id: z.union([z.string(), z.number()]).transform(String),
+  type: z.string().optional(),
+  status: OrderStatusSchema.optional(),
+  status_detail: z.string().optional(),
+  external_reference: z.string().optional(),
+  total_amount: z.union([z.number(), z.string()]).optional(),
+  /** Currency for this Order (e.g. "ARS"). */
+  currency_id: z.string().optional(),
+  date_created: z.string().optional(),
+  date_last_updated: z.string().optional(),
+  items: z.array(OrderItemSchema).optional(),
+  /** Underlying transactions (payments) attached to this Order. */
+  transactions: z.object({
+    payments: z.array(z.unknown()).optional(),
+    refunds: z.array(z.unknown()).optional()
+  }).passthrough().optional(),
+  /** Capture mode: "automatic" (charges immediately) or "manual" (auth-only). */
+  capture_mode: z.string().optional()
+}).passthrough();
 
-// src/webhook.ts
+// src/oauth.ts
+var DEFAULT_AUTHORIZE_URL = "https://auth.mercadopago.com.ar/authorization";
+var DEFAULT_TOKEN_URL = "https://api.mercadopago.com/oauth/token";
+function buildAuthorizeUrl(params) {
+  const url = new URL(params.authorizeUrl ?? DEFAULT_AUTHORIZE_URL);
+  url.searchParams.set("client_id", params.clientId);
+  url.searchParams.set("response_type", "code");
+  url.searchParams.set("platform_id", "mp");
+  url.searchParams.set("redirect_uri", params.redirectUri);
+  if (params.state) url.searchParams.set("state", params.state);
+  return url.toString();
+}
+async function exchangeCodeForToken(params) {
+  const url = params.tokenUrl ?? DEFAULT_TOKEN_URL;
+  const fetchFn = params.fetchImpl ?? globalThis.fetch;
+  const res = await fetchFn(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json"
+    },
+    body: new URLSearchParams({
+      grant_type: "authorization_code",
+      client_id: params.clientId,
+      client_secret: params.clientSecret,
+      code: params.code,
+      redirect_uri: params.redirectUri
+    }).toString()
+  });
+  return parseTokenResponse(res);
+}
+async function refreshAccessToken(params) {
+  const url = params.tokenUrl ?? DEFAULT_TOKEN_URL;
+  const fetchFn = params.fetchImpl ?? globalThis.fetch;
+  const res = await fetchFn(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json"
+    },
+    body: new URLSearchParams({
+      grant_type: "refresh_token",
+      client_id: params.clientId,
+      client_secret: params.clientSecret,
+      refresh_token: params.refreshToken
+    }).toString()
+  });
+  return parseTokenResponse(res);
+}
+async function parseTokenResponse(res) {
+  const text = await res.text();
+  if (!res.ok) {
+    throw new Error(
+      `MP OAuth ${res.status}: ${text.slice(0, 300)}`
+    );
+  }
+  const json = JSON.parse(text);
+  return OAuthTokenSchema.parse(json);
+}
+function expirationTimeMs(issuedAtMs, expiresInSeconds) {
+  return issuedAtMs + (expiresInSeconds ?? 21600) * 1e3;
+}
+function isExpiringSoon(expirationMs, skewSeconds = 300) {
+  return Date.now() + skewSeconds * 1e3 >= expirationMs;
+}
 function parseWebhookEvent(body, searchParams) {
   const parseResult = WebhookBodySchema.safeParse(body ?? {});
   const parsedBody = parseResult.success ? parseResult.data : {};
@@ -2284,20 +1387,1422 @@ function parseWebhookEvent(body, searchParams) {
     raw: parsedBody
   };
 }
-function verifyWebhookSignature(params) {
-  if (!params.signatureHeader || !params.requestId) return false;
-  const parts = Object.fromEntries(
-    params.signatureHeader.split(",").map((segment) => segment.trim().split("="))
-  );
-  const ts = parts.ts;
-  const v1 = parts.v1;
-  if (!ts || !v1) return false;
-  const manifest = `id:${params.dataId};request-id:${params.requestId};ts:${ts};`;
-  const expected = createHmac("sha256", params.secret).update(manifest).digest("hex");
-  if (expected.length !== v1.length) return false;
-  return timingSafeEqual(Buffer.from(expected), Buffer.from(v1));
-}
+function verifyWebhookSignature(params) {
+  if (!params.signatureHeader || !params.requestId) return false;
+  const parts = Object.fromEntries(
+    params.signatureHeader.split(",").map((segment) => segment.trim().split("="))
+  );
+  const ts = parts.ts;
+  const v1 = parts.v1;
+  if (!ts || !v1) return false;
+  const manifest = `id:${params.dataId};request-id:${params.requestId};ts:${ts};`;
+  const expected = createHmac("sha256", params.secret).update(manifest).digest("hex");
+  if (expected.length !== v1.length) return false;
+  return timingSafeEqual(Buffer.from(expected), Buffer.from(v1));
+}
+
+// src/tools.ts
+function deterministicIdempotencyKey(...parts) {
+  const payload = parts.filter((p) => p !== void 0 && p !== null).map(String).join("|");
+  return createHash("sha256").update(payload).digest("hex").slice(0, 32);
+}
+var DEFAULT_DESCRIPTIONS = {
+  // ── Subscriptions ────────────────────────────────────────────────────────
+  create_subscription: "Create a Mercado Pago recurring subscription. Returns an init_point URL where the customer must complete the FIRST payment with their card and CVV (this is a hard MP requirement; agents cannot bypass it). After they pay, MP will auto-charge at the configured frequency without further intervention.",
+  get_subscription_status: "Check the current status of a Mercado Pago subscription. Use this to confirm the customer completed the first payment (status becomes 'authorized') or to inspect the next charge date.",
+  cancel_subscription: "Cancel an active Mercado Pago subscription. After cancellation, MP will not charge the customer again. This action is irreversible \u2014 confirm with the user before calling.",
+  pause_subscription: "Pause an authorized Mercado Pago subscription. Charges stop until resumed. Only works on subscriptions in 'authorized' status.",
+  resume_subscription: "Resume a paused Mercado Pago subscription. Charges resume on the next scheduled date. Only works on subscriptions in 'paused' status.",
+  // ── Payments ─────────────────────────────────────────────────────────────
+  create_payment: "Create a one-time payment. Two flows: (a) with a card token from MP frontend Cardform \u2014 for transparent checkout; (b) without token, for non-card methods like 'account_money', 'rapipago', 'pagofacil'. For most agent flows where you only have a payer email and want to send them a payment link, use create_payment_preference instead (Checkout Pro hosted form). Returns the Payment object with status \u2014 typically 'approved' for account_money and 'pending' for tickets.",
+  get_payment: "Fetch a single payment by ID. Use to confirm status after webhook arrives, or to inspect details (status_detail explains rejections).",
+  search_payments: "Search payments with filters. Most common: by external_reference (your-system identifier) to find all payments for an order, or by status='approved' to list successful charges in a date range. Returns paginated results.",
+  cancel_payment: "Cancel a pending or in_process payment (only works before approval). Once approved, use refund_payment instead. Common use: cancel an unpaid ticket payment that's still pending.",
+  capture_payment: "Capture an authorized credit-card payment that was created with capture=false. Use for hold-then-capture flows (e.g., authorize on order, capture on shipment). Optional partial amount.",
+  // ── Refunds ──────────────────────────────────────────────────────────────
+  refund_payment: "Refund an approved payment. Pass amount for partial refund; omit for full refund. Idempotency key is auto-generated based on paymentId+amount to prevent double-refunds on retries.",
+  list_refunds: "List all refunds for a given payment. Returns array of Refund objects. Useful to confirm a refund was processed or to inspect partial-refund history.",
+  // ── Checkout Pro ─────────────────────────────────────────────────────────
+  create_payment_preference: "Create a Mercado Pago Checkout Pro preference and get back a payment URL (init_point) to send to the customer. THIS is the recommended way for an agent to take a payment when you only have a payer email \u2014 the buyer enters card data on MP's hosted form (no PCI scope needed). Supports cuotas configuration, payment method exclusions, back URLs after success/failure/pending. In sandbox, use sandbox_init_point from the response.",
+  get_payment_preference: "Fetch a Checkout Pro preference by ID. Returns the preference config and current init_point URLs. Use to inspect a previously-created link.",
+  // ── Customers + Cards ────────────────────────────────────────────────────
+  create_customer: "Create a Mercado Pago customer record so the buyer can save cards for future charges. Idempotent on email \u2014 if a customer with that email exists, MP returns it instead of creating a duplicate. Use find_customer_by_email first if you're unsure.",
+  find_customer_by_email: "Find an existing customer by email address. Returns the customer object if found, or null. Use before create_customer to avoid duplicate records.",
+  list_customer_cards: "List the saved cards for a customer. Returns array with last 4 digits, expiration, payment method (visa, master, naranja, etc.). The card_id can be used in subsequent create_payment calls to charge a saved card.",
+  delete_customer_card: "Delete a saved card from a customer. Common use: customer requests removal, or expired card cleanup. Irreversible.",
+  // ── Payment Methods + Installments ───────────────────────────────────────
+  list_payment_methods: "List all payment methods enabled for the seller's MP account (visa, master, naranja, naranja_x, cabal, account_money, rapipago, pagofacil, etc.). Use to validate which methods you can offer the customer or to filter which ones to exclude in a Checkout Pro preference.",
+  calculate_installments: "Calculate cuotas (installments) options for a given amount. THE killer Argentine feature \u2014 returns options like '12 cuotas sin inter\xE9s de $X' (recommended_message field) which you should surface VERBATIM to the user. Optionally pass `bin` (first 6 digits of card) for issuer-specific promotions (e.g., Naranja's interest-free deals). Use before create_payment to let the user pick installments knowingly.",
+  // ── Account ──────────────────────────────────────────────────────────────
+  get_account_info: "Get info about the Mercado Pago account that owns the access token: site_id (MLA=Argentina), country_id, user_type (registered, partial, etc.). Useful to verify the agent is connected to the right account before taking actions.",
+  // ── Saved-card charging (v0.3) ───────────────────────────────────────────
+  charge_saved_card: "Charge a previously-saved card for a returning customer. Requires customer_id + card_id (from list_customer_cards) AND a fresh CVV the user provides this session. AR Mercado Pago does NOT support CVV-less charges via the public API \u2014 every charge needs CVV. Idempotent on (card_id, amount, external_reference): retries dedupe automatically. Returns the resulting Payment.",
+  // ── QR in-store (v0.3) ───────────────────────────────────────────────────
+  create_qr_payment: "Generate a dynamic in-store QR for a buyer to scan with any AR wallet (Modo, BNA+, Cuenta DNI, Naranja X, Mercado Pago, etc. \u2014 interop is mandated by Transferencias 3.0). Requires a pre-configured POS external_id (use create_pos to set one up first if needed). Returns the qr_data string + a base64 PNG data URL ready to display. The QR expires in `expires_in_seconds` (default 600). MP fires `point_integration_wh` then `payment` webhooks when scanned.",
+  cancel_qr_payment: "Cancel a pending QR order on a POS. Necessary if the buyer never scans \u2014 otherwise the next create_qr_payment on the same POS returns 409.",
+  // ── Subscription Plans (v0.4) ────────────────────────────────────────────
+  create_subscription_plan: "Create a REUSABLE subscription plan (preapproval_plan). Different from create_subscription: a plan defines price + frequency once, then customers subscribe to it via subscribe_to_plan. Use plans for SaaS-style billing (B\xE1sico/Pro/Enterprise tiers). For per-customer custom amounts, use create_subscription directly.",
+  list_subscription_plans: "List all subscription plans defined for this MP account. Useful before create_subscription_plan to check if one already exists, or for surfacing options to a customer.",
+  update_subscription_plan: "Update a subscription plan's reason / amount / status / back_url. Existing customer subscriptions to the plan are NOT automatically updated \u2014 only NEW subscribers get the new pricing.",
+  subscribe_to_plan: "Subscribe a customer to an existing reusable plan. Returns a Preapproval with init_point URL where the customer completes first payment. Cleaner than create_subscription when you have fixed tiers.",
+  list_subscription_payments: "List the auto-charge attempts (authorized_payments) under a subscription. Useful for 'show me the cobros del \xFAltimo mes for this client' or to debug a failing recurring charge.",
+  // ── Stores + POS (v0.4) ──────────────────────────────────────────────────
+  create_store: "Create a store under the seller's MP account. Stores are the parent entity for POSes (which generate QR payments). Required ONE-TIME setup before create_pos. Pass a unique external_id and a display name.",
+  list_stores: "List all stores configured for this MP account. Use this to find an existing store_id before create_pos, or to surface store options to the agent.",
+  create_pos: "Create a POS (Point of Sale) under a store. The POS's external_id is what create_qr_payment uses. Each physical checkout / counter / agent typically has its own POS. Categories are MP-defined (default 621102 = Other Food and Beverage Services).",
+  list_pos: "List all POSes for the seller (or filtered by store_id). Use to find an existing POS before create_qr_payment, or to surface options.",
+  // ── Disputes (v0.4 — read-only) ──────────────────────────────────────────
+  list_payment_disputes: "List all disputes / chargebacks raised against a payment. Read-only \u2014 resolution is dashboard-only. Surface the dashboard URL `https://www.mercadopago.com.ar/disputes/{dispute_id}` to the user when they need to respond.",
+  get_dispute: "Get details of a specific dispute including reason, amount, resolution status. Read-only.",
+  // ── Lookup helpers (v0.4) ────────────────────────────────────────────────
+  list_identification_types: "List valid identification types for the seller's site. AR returns: DNI, CI, LE, LC, Otro, Pasaporte, CUIT, CUIL with their min/max length. Useful to validate an identification before passing to create_payment.",
+  list_issuers: "List card issuers (banks) that support a payment_method_id. Optionally filter by `bin` (first 6 digits of the card) for accurate issuer detection. Useful with calculate_installments \u2014 issuer-specific promos (e.g., Naranja Galicia 6 cuotas sin inter\xE9s) only appear when the issuer is identified.",
+  // ── Webhooks management (v0.4) ───────────────────────────────────────────
+  list_webhooks: "List all webhook subscriptions configured for this MP application. Use to see what topics + URLs are wired before adding new ones.",
+  create_webhook: "Subscribe a webhook URL to a MP topic (payment, subscription_authorized_payment, subscription_preapproval, merchant_order, point_integration_wh). MP will POST to this URL when events of that topic fire.",
+  update_webhook: "Update a webhook's URL or topic. Useful when you change deployment URLs without resubscribing from scratch.",
+  delete_webhook: "Delete a webhook subscription. MP stops POSTing to it immediately.",
+  // ── Webhook handler combo (v0.5) ─────────────────────────────────────────
+  handle_webhook: "Process an incoming MP webhook in ONE call: verify the HMAC-SHA256 signature, parse the event, and (optionally) auto-fetch the underlying resource (Payment, Subscription, Order). Returns the structured event PLUS the full resource. USE THIS in your webhook endpoint INSTEAD of chaining verify_webhook_signature + parse_webhook_event + get_payment manually. Pass the raw request body, x-signature header, x-request-id header, and your MP webhook secret. SAFE: returns { verified: false } when signature mismatches \u2014 caller should respond 401 and stop processing. WHEN auto_fetch is true (default), the resource is fetched as the SAME MP user the client is configured for (so for marketplace integrations, instantiate a per-seller client).",
+  // ── OAuth Marketplace (v0.5) ─────────────────────────────────────────────
+  oauth_authorize_url: "Build the URL the SELLER (third-party MP account) visits to authorize your marketplace app. Pass the seller's redirect uri (must be whitelisted in MP dev panel) and an opaque state token (CSRF protection \u2014 bind it to the user's session). PURE FUNCTION: no network. The seller approves, MP redirects them to your `redirect_uri?code=...&state=...`. Then call oauth_exchange_code with the code.",
+  oauth_exchange_code: "Exchange the authorization code (from the OAuth redirect) for an `OAuthToken`. Returns access_token, refresh_token, user_id, and expires_in. **PERSIST the entire response** \u2014 refresh_token is long-lived and the only way to keep the integration alive past 6h. Use the access_token to instantiate a per-seller MercadoPagoClient for marketplace flows.",
+  oauth_refresh_token: "Refresh a per-seller access_token using the saved refresh_token. Call PROACTIVELY before expires_in elapses, or REACTIVELY on a 401 from a per-seller MercadoPagoClient. Returns a fresh OAuthToken \u2014 persist the new refresh_token (MP often returns the same value, but always replace).",
+  // ── Order Management API (v0.5 — modern Order API) ───────────────────────
+  create_order: "Create a new Order via MP's modern Order Management API. DIFFERENT from create_payment_preference: Order is a transactional entity with explicit lifecycle (created \u2192 processed \u2192 captured/canceled), supports MANUAL CAPTURE (auth-only, capture later \u2014 for ride-share, hotels, marketplaces) and aggregates multiple payments into one Order. Use Preference (Checkout Pro) for simple hosted pay-links; use Order when you need auth-only or multi-payment-per-order semantics. For marketplace splits, set marketplace + marketplace_fee + collector_id (the SELLER's MP user_id from oauth_exchange_code).",
+  get_order: "Fetch an Order by ID. Returns the Order with its lifecycle status and any attached payments/refunds.",
+  update_order: "Patch an existing Order before it's captured/canceled. Common use: update items or external_reference.",
+  capture_order: "Capture a previously-authorized Order (only for orders created with capture_mode='manual'). Captures up to the originally-authorized amount; pass amount for partial capture. Common use: ride-share marks ride complete \u2192 capture; hotel checks-out guest \u2192 capture.",
+  cancel_order: "Cancel an Order. Releases any auth-holds and marks the Order as canceled. For orders that have already been CAPTURED, use refund_payment instead \u2014 cancel only works pre-capture."
+};
+function mercadoPagoTools(client, options) {
+  const desc = (name) => options.descriptions?.[name] ?? DEFAULT_DESCRIPTIONS[name];
+  return {
+    // ─────────────────────────────────────────────────────────────────────────
+    // Subscriptions (v0.1 — kept identical for backward compatibility)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_subscription: tool({
+      description: desc("create_subscription"),
+      inputSchema: z.object({
+        customer_email: z.string().email().describe("Email of the customer who will be charged"),
+        amount_ars: z.number().positive().describe("Amount in Argentine Pesos per recurring charge"),
+        frequency_months: z.number().int().positive().max(12).describe("Frequency in months (1=monthly, 3=quarterly, 12=yearly)"),
+        reason: z.string().min(3).max(120).describe("Short description shown to the customer at checkout"),
+        external_reference: z.string().optional().describe("Optional id from your system to track this subscription")
+      }),
+      execute: async ({ customer_email, amount_ars, frequency_months, reason, external_reference }) => {
+        const created = await client.createPreapproval({
+          reason,
+          payerEmail: customer_email,
+          amount: amount_ars,
+          currency: "ARS",
+          frequency: frequency_months,
+          frequencyType: "months",
+          backUrl: options.backUrl,
+          ...external_reference !== void 0 ? { externalReference: external_reference } : {}
+        });
+        await options.state.set(created.id, {
+          status: created.status,
+          payerEmail: customer_email,
+          amount: amount_ars,
+          currency: "ARS",
+          frequency: frequency_months,
+          frequencyType: "months",
+          initPoint: created.init_point,
+          ...external_reference !== void 0 ? { externalReference: external_reference } : {},
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        });
+        return {
+          subscription_id: created.id,
+          status: created.status,
+          init_point_url: created.init_point,
+          next_step: "Send init_point_url to the customer. They must complete the first payment with card+CVV. Use get_subscription_status to confirm activation after they pay."
+        };
+      }
+    }),
+    get_subscription_status: tool({
+      description: desc("get_subscription_status"),
+      inputSchema: z.object({
+        subscription_id: z.string().describe("The Mercado Pago subscription/preapproval ID")
+      }),
+      execute: async ({ subscription_id }) => {
+        const fresh = await client.getPreapproval(subscription_id);
+        const cached = await options.state.get(subscription_id);
+        return {
+          subscription_id: fresh.id,
+          status: fresh.status,
+          payer_email: fresh.payer_email,
+          amount: fresh.auto_recurring.transaction_amount,
+          currency: fresh.auto_recurring.currency_id,
+          next_payment_date: fresh.next_payment_date ?? null,
+          last_webhook_status: cached?.lastWebhookStatus ?? null,
+          last_webhook_at: cached?.lastWebhookAt ?? null
+        };
+      }
+    }),
+    cancel_subscription: tool({
+      description: desc("cancel_subscription"),
+      inputSchema: z.object({
+        subscription_id: z.string().describe("The Mercado Pago subscription/preapproval ID to cancel")
+      }),
+      execute: async ({ subscription_id }) => {
+        const cancelled = await client.cancelPreapproval(subscription_id);
+        await options.state.set(subscription_id, {
+          status: cancelled.status,
+          cancelledAt: (/* @__PURE__ */ new Date()).toISOString()
+        });
+        return {
+          subscription_id: cancelled.id,
+          status: cancelled.status,
+          message: "Subscription cancelled. No further charges will occur."
+        };
+      }
+    }),
+    pause_subscription: tool({
+      description: desc("pause_subscription"),
+      inputSchema: z.object({ subscription_id: z.string() }),
+      execute: async ({ subscription_id }) => {
+        const paused = await client.pausePreapproval(subscription_id);
+        await options.state.set(subscription_id, { status: paused.status });
+        return {
+          subscription_id: paused.id,
+          status: paused.status,
+          message: "Subscription paused. Use resume_subscription to reactivate."
+        };
+      }
+    }),
+    resume_subscription: tool({
+      description: desc("resume_subscription"),
+      inputSchema: z.object({ subscription_id: z.string() }),
+      execute: async ({ subscription_id }) => {
+        const resumed = await client.resumePreapproval(subscription_id);
+        await options.state.set(subscription_id, { status: resumed.status });
+        return {
+          subscription_id: resumed.id,
+          status: resumed.status,
+          message: "Subscription resumed. Charges will continue on next scheduled date."
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Payments (v0.2)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_payment: tool({
+      description: desc("create_payment"),
+      inputSchema: z.object({
+        amount_ars: z.number().positive().describe("Amount in ARS"),
+        payment_method_id: z.string().describe("MP payment method id (e.g. 'account_money', 'rapipago', 'visa', 'master', 'naranja')"),
+        payer_email: z.string().email().describe("Email of the payer. Cannot equal seller email."),
+        token: z.string().optional().describe("Card token from MP frontend Cardform. Required for credit/debit; omit for cash/account_money."),
+        installments: z.number().int().min(1).max(24).optional().describe("Number of installments (cuotas). Default 1. Use calculate_installments first to see options."),
+        description: z.string().max(255).optional().describe("Short description"),
+        external_reference: z.string().optional().describe("Your-system identifier"),
+        identification: z.object({
+          type: z.enum(["DNI", "CUIT", "CUIL"]),
+          number: z.string()
+        }).optional().describe("Payer identification \u2014 required for some payment types in AR"),
+        statement_descriptor: z.string().max(13).optional().describe("Shows on buyer's card statement (max 13 chars)")
+      }),
+      execute: async (input) => {
+        const payment = await client.createPayment({
+          transactionAmount: input.amount_ars,
+          paymentMethodId: input.payment_method_id,
+          payerEmail: input.payer_email,
+          ...input.token !== void 0 ? { token: input.token } : {},
+          ...input.installments !== void 0 ? { installments: input.installments } : {},
+          ...input.description !== void 0 ? { description: input.description } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.identification !== void 0 ? { identification: input.identification } : {},
+          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
+          ...options.notificationUrl !== void 0 ? { notificationUrl: options.notificationUrl } : {},
+          // Deterministic idempotency key — safe to retry, same inputs always
+          // produce the same key (MP dedupes on its side).
+          idempotencyKey: deterministicIdempotencyKey(
+            "create_payment",
+            input.external_reference ?? input.payer_email,
+            input.amount_ars,
+            input.payment_method_id,
+            input.token
+          )
+        });
+        return {
+          payment_id: payment.id,
+          status: payment.status,
+          status_detail: payment.status_detail,
+          amount: payment.transaction_amount,
+          currency: payment.currency_id,
+          installments: payment.installments,
+          payment_method: payment.payment_method_id,
+          payer_email: payment.payer?.email ?? null,
+          external_reference: payment.external_reference,
+          date_created: payment.date_created,
+          date_approved: payment.date_approved
+        };
+      }
+    }),
+    get_payment: tool({
+      description: desc("get_payment"),
+      inputSchema: z.object({
+        payment_id: z.string().describe("The MP payment ID")
+      }),
+      execute: async ({ payment_id }) => {
+        const p = await client.getPayment(payment_id);
+        return {
+          payment_id: p.id,
+          status: p.status,
+          status_detail: p.status_detail,
+          amount: p.transaction_amount,
+          currency: p.currency_id,
+          payment_method: p.payment_method_id,
+          installments: p.installments,
+          payer_email: p.payer?.email ?? null,
+          external_reference: p.external_reference,
+          date_created: p.date_created,
+          date_approved: p.date_approved,
+          net_received: p.transaction_details?.net_received_amount ?? null
+        };
+      }
+    }),
+    search_payments: tool({
+      description: desc("search_payments"),
+      inputSchema: z.object({
+        external_reference: z.string().optional(),
+        status: z.string().optional().describe("'approved' | 'pending' | 'rejected' | 'cancelled' | 'refunded' etc."),
+        payer_email: z.string().optional(),
+        begin_date: z.string().optional().describe("ISO 8601, e.g. 2026-01-01T00:00:00Z"),
+        end_date: z.string().optional().describe("ISO 8601"),
+        limit: z.number().int().min(1).max(100).optional().describe("Default 30, max 100"),
+        offset: z.number().int().min(0).optional().describe("Pagination offset (default 0)")
+      }),
+      execute: async (input) => {
+        const result = await client.searchPayments({
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.status !== void 0 ? { status: input.status } : {},
+          ...input.payer_email !== void 0 ? { payerEmail: input.payer_email } : {},
+          ...input.begin_date !== void 0 ? { beginDate: input.begin_date } : {},
+          ...input.end_date !== void 0 ? { endDate: input.end_date } : {},
+          ...input.limit !== void 0 ? { limit: input.limit } : {},
+          ...input.offset !== void 0 ? { offset: input.offset } : {}
+        });
+        return {
+          total: result.paging.total,
+          returned: result.results.length,
+          offset: result.paging.offset,
+          payments: result.results.map((p) => ({
+            payment_id: p.id,
+            status: p.status,
+            amount: p.transaction_amount,
+            currency: p.currency_id,
+            payer_email: p.payer?.email ?? null,
+            external_reference: p.external_reference,
+            date_created: p.date_created
+          }))
+        };
+      }
+    }),
+    cancel_payment: tool({
+      description: desc("cancel_payment"),
+      inputSchema: z.object({ payment_id: z.string() }),
+      execute: async ({ payment_id }) => {
+        const cancelled = await client.cancelPayment(payment_id);
+        return {
+          payment_id: cancelled.id,
+          status: cancelled.status,
+          message: "Payment cancelled. If it was already approved, use refund_payment instead."
+        };
+      }
+    }),
+    capture_payment: tool({
+      description: desc("capture_payment"),
+      inputSchema: z.object({
+        payment_id: z.string(),
+        amount_ars: z.number().positive().optional().describe("Optional partial-capture amount. Omit to capture full authorized amount.")
+      }),
+      execute: async ({ payment_id, amount_ars }) => {
+        const captured = await client.capturePayment(payment_id, amount_ars);
+        return {
+          payment_id: captured.id,
+          status: captured.status,
+          amount: captured.transaction_amount
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Refunds
+    // ─────────────────────────────────────────────────────────────────────────
+    refund_payment: tool({
+      description: desc("refund_payment"),
+      inputSchema: z.object({
+        payment_id: z.string(),
+        amount_ars: z.number().positive().optional().describe("Partial-refund amount in ARS. Omit for full refund.")
+      }),
+      execute: async ({ payment_id, amount_ars }) => {
+        const refund = await client.createRefund({
+          paymentId: payment_id,
+          ...amount_ars !== void 0 ? { amount: amount_ars } : {},
+          idempotencyKey: deterministicIdempotencyKey("refund", payment_id, amount_ars ?? "full")
+        });
+        return {
+          refund_id: refund.id,
+          payment_id: refund.payment_id,
+          amount: refund.amount,
+          status: refund.status,
+          message: amount_ars === void 0 ? "Full refund issued. Funds return to the buyer in 3-10 business days." : `Partial refund of ${amount_ars} ARS issued.`
+        };
+      }
+    }),
+    list_refunds: tool({
+      description: desc("list_refunds"),
+      inputSchema: z.object({ payment_id: z.string() }),
+      execute: async ({ payment_id }) => {
+        const refunds = await client.listRefunds(payment_id);
+        return {
+          payment_id,
+          count: refunds.length,
+          refunds: refunds.map((r) => ({
+            refund_id: r.id,
+            amount: r.amount,
+            status: r.status,
+            date_created: r.date_created
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Checkout Pro
+    // ─────────────────────────────────────────────────────────────────────────
+    create_payment_preference: tool({
+      description: desc("create_payment_preference"),
+      inputSchema: z.object({
+        items: z.array(z.object({
+          title: z.string().min(1).max(256),
+          quantity: z.number().int().positive(),
+          unit_price: z.number().positive(),
+          description: z.string().optional(),
+          picture_url: z.string().url().optional()
+        })).min(1).describe("Items being charged. At least one required."),
+        payer_email: z.string().email().optional().describe("Pre-fill the payer email on Checkout Pro form"),
+        external_reference: z.string().optional(),
+        max_installments: z.number().int().min(1).max(24).optional().describe("Limit max cuotas offered. Defaults to MP account config."),
+        statement_descriptor: z.string().max(13).optional(),
+        excluded_payment_types: z.array(z.enum(["credit_card", "debit_card", "ticket", "atm", "bank_transfer"])).optional().describe("Block payment types \u2014 e.g., ['ticket'] to disable Rapipago/Pago F\xE1cil")
+      }),
+      execute: async (input) => {
+        const pref = await client.createPreference({
+          items: input.items.map((it) => ({
+            title: it.title,
+            quantity: it.quantity,
+            unit_price: it.unit_price,
+            currency_id: "ARS",
+            ...it.description !== void 0 ? { description: it.description } : {},
+            ...it.picture_url !== void 0 ? { picture_url: it.picture_url } : {}
+          })),
+          ...input.payer_email !== void 0 ? { payer: { email: input.payer_email } } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
+          backUrls: { success: options.backUrl, failure: options.backUrl, pending: options.backUrl },
+          autoReturn: "approved",
+          ...options.notificationUrl !== void 0 ? { notificationUrl: options.notificationUrl } : {},
+          ...input.max_installments !== void 0 || input.excluded_payment_types !== void 0 ? {
+            paymentMethods: {
+              ...input.max_installments !== void 0 ? { installments: input.max_installments } : {},
+              ...input.excluded_payment_types !== void 0 ? { excluded_payment_types: input.excluded_payment_types.map((id) => ({ id })) } : {}
+            }
+          } : {}
+        });
+        return {
+          preference_id: pref.id,
+          init_point_url: pref.init_point ?? null,
+          sandbox_init_point_url: pref.sandbox_init_point ?? null,
+          external_reference: pref.external_reference,
+          date_created: pref.date_created,
+          next_step: "Send init_point_url (or sandbox_init_point_url in sandbox) to the customer. After they pay, MP fires a webhook with the payment_id; use get_payment to confirm status."
+        };
+      }
+    }),
+    get_payment_preference: tool({
+      description: desc("get_payment_preference"),
+      inputSchema: z.object({ preference_id: z.string() }),
+      execute: async ({ preference_id }) => {
+        const pref = await client.getPreference(preference_id);
+        return {
+          preference_id: pref.id,
+          init_point_url: pref.init_point ?? null,
+          sandbox_init_point_url: pref.sandbox_init_point ?? null,
+          external_reference: pref.external_reference,
+          items: pref.items,
+          date_created: pref.date_created
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Customers + Saved Cards
+    // ─────────────────────────────────────────────────────────────────────────
+    create_customer: tool({
+      description: desc("create_customer"),
+      inputSchema: z.object({
+        email: z.string().email(),
+        first_name: z.string().optional(),
+        last_name: z.string().optional(),
+        identification: z.object({
+          type: z.enum(["DNI", "CUIT", "CUIL"]),
+          number: z.string()
+        }).optional(),
+        description: z.string().optional()
+      }),
+      execute: async (input) => {
+        const customer = await client.createCustomer({
+          email: input.email,
+          ...input.first_name !== void 0 ? { firstName: input.first_name } : {},
+          ...input.last_name !== void 0 ? { lastName: input.last_name } : {},
+          ...input.identification !== void 0 ? { identification: input.identification } : {},
+          ...input.description !== void 0 ? { description: input.description } : {}
+        });
+        return {
+          customer_id: customer.id,
+          email: customer.email,
+          first_name: customer.first_name,
+          last_name: customer.last_name,
+          date_created: customer.date_created
+        };
+      }
+    }),
+    find_customer_by_email: tool({
+      description: desc("find_customer_by_email"),
+      inputSchema: z.object({ email: z.string().email() }),
+      execute: async ({ email }) => {
+        const result = await client.searchCustomers({ email, limit: 1 });
+        const customer = result.results[0] ?? null;
+        return customer ? {
+          found: true,
+          customer_id: customer.id,
+          email: customer.email,
+          first_name: customer.first_name,
+          last_name: customer.last_name
+        } : { found: false, customer_id: null };
+      }
+    }),
+    list_customer_cards: tool({
+      description: desc("list_customer_cards"),
+      inputSchema: z.object({ customer_id: z.string() }),
+      execute: async ({ customer_id }) => {
+        const cards = await client.listCustomerCards(customer_id);
+        return {
+          customer_id,
+          count: cards.length,
+          cards: cards.map((c) => ({
+            card_id: c.id,
+            last_four_digits: c.last_four_digits,
+            expiration_month: c.expiration_month,
+            expiration_year: c.expiration_year,
+            payment_method: c.payment_method?.id ?? null,
+            payment_method_name: c.payment_method?.name ?? null
+          }))
+        };
+      }
+    }),
+    delete_customer_card: tool({
+      description: desc("delete_customer_card"),
+      inputSchema: z.object({
+        customer_id: z.string(),
+        card_id: z.string()
+      }),
+      execute: async ({ customer_id, card_id }) => {
+        await client.deleteCustomerCard(customer_id, card_id);
+        return { customer_id, card_id, deleted: true };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Payment Methods + Installments
+    // ─────────────────────────────────────────────────────────────────────────
+    list_payment_methods: tool({
+      description: desc("list_payment_methods"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const methods = await client.listPaymentMethods();
+        return {
+          count: methods.length,
+          methods: methods.map((m) => ({
+            id: m.id,
+            name: m.name,
+            payment_type: m.payment_type_id,
+            status: m.status,
+            min_amount: m.min_allowed_amount,
+            max_amount: m.max_allowed_amount
+          }))
+        };
+      }
+    }),
+    calculate_installments: tool({
+      description: desc("calculate_installments"),
+      inputSchema: z.object({
+        amount_ars: z.number().positive(),
+        payment_method_id: z.string().optional().describe("E.g. 'visa', 'master', 'naranja'. Omit for all available methods."),
+        bin: z.string().min(6).max(8).optional().describe("First 6-8 digits of card for issuer-specific offers (e.g., Naranja interest-free promotions)")
+      }),
+      execute: async (input) => {
+        const offers = await client.getInstallments({
+          amount: input.amount_ars,
+          ...input.payment_method_id !== void 0 ? { paymentMethodId: input.payment_method_id } : {},
+          ...input.bin !== void 0 ? { bin: input.bin } : {}
+        });
+        return {
+          amount: input.amount_ars,
+          offers: offers.map((o) => ({
+            payment_method_id: o.payment_method_id,
+            payment_type_id: o.payment_type_id,
+            issuer_name: o.issuer?.name ?? null,
+            options: o.payer_costs.map((pc) => ({
+              installments: pc.installments,
+              installment_amount: pc.installment_amount,
+              total_amount: pc.total_amount,
+              installment_rate: pc.installment_rate,
+              recommended_message: pc.recommended_message
+            }))
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Account
+    // ─────────────────────────────────────────────────────────────────────────
+    get_account_info: tool({
+      description: desc("get_account_info"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const me = await client.getMe();
+        return {
+          account_id: me.id,
+          email: me.email,
+          nickname: me.nickname,
+          country_id: me.country_id,
+          site_id: me.site_id,
+          user_type: me.user_type
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Saved-card charging (v0.3)
+    // ─────────────────────────────────────────────────────────────────────────
+    charge_saved_card: tool({
+      description: desc("charge_saved_card"),
+      inputSchema: z.object({
+        customer_id: z.string().describe("MP customer id (from create_customer / find_customer_by_email)"),
+        card_id: z.string().describe("Saved card id (from list_customer_cards)"),
+        security_code: z.string().regex(/^\d{3,4}$/).describe("CVV \u2014 3 digits (Visa/Master) or 4 (Amex). User must provide this each charge in AR."),
+        amount_ars: z.number().positive(),
+        description: z.string().min(1).max(255),
+        installments: z.number().int().min(1).max(24).optional().describe("Default 1. Use calculate_installments first to pick a valid count."),
+        external_reference: z.string().optional(),
+        statement_descriptor: z.string().max(13).optional()
+      }),
+      execute: async (input) => {
+        const payment = await client.chargeSavedCard({
+          customerId: input.customer_id,
+          cardId: input.card_id,
+          securityCode: input.security_code,
+          amount: input.amount_ars,
+          description: input.description,
+          ...input.installments !== void 0 ? { installments: input.installments } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.statement_descriptor !== void 0 ? { statementDescriptor: input.statement_descriptor } : {},
+          idempotencyKey: deterministicIdempotencyKey(
+            "charge_saved_card",
+            input.card_id,
+            input.amount_ars,
+            input.external_reference
+          )
+        });
+        return {
+          payment_id: payment.id,
+          status: payment.status,
+          status_detail: payment.status_detail,
+          amount: payment.transaction_amount,
+          installments: payment.installments,
+          payment_method: payment.payment_method_id,
+          customer_id: input.customer_id,
+          card_id: input.card_id,
+          external_reference: payment.external_reference,
+          date_approved: payment.date_approved
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // QR in-store (v0.3)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_qr_payment: tool({
+      description: desc("create_qr_payment"),
+      inputSchema: z.object({
+        external_pos_id: z.string().describe("Pre-configured POS external_id from MP dashboard. Required."),
+        amount_ars: z.number().positive(),
+        title: z.string().min(1).max(80).describe("Display title shown when scanning"),
+        description: z.string().max(255).optional(),
+        external_reference: z.string().optional(),
+        notification_url: z.string().url().optional().describe("Webhook URL \u2014 falls back to dashboard config if omitted"),
+        expires_in_seconds: z.number().int().min(60).max(3600).optional().describe("Default 600 (10 min)")
+      }),
+      execute: async (input) => {
+        const QRCode = (await import('qrcode')).default;
+        const me = await client.getMe();
+        const userId = String(me.id);
+        const expiresAt = new Date(
+          Date.now() + (input.expires_in_seconds ?? 600) * 1e3
+        ).toISOString();
+        const qr = await client.createQrPayment(userId, {
+          externalPosId: input.external_pos_id,
+          totalAmount: input.amount_ars,
+          title: input.title,
+          ...input.description !== void 0 ? { description: input.description } : {},
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.notification_url !== void 0 ? { notificationUrl: input.notification_url } : {},
+          expirationDate: expiresAt
+        });
+        const qrDataUrl = await QRCode.toDataURL(qr.qr_data, {
+          errorCorrectionLevel: "M",
+          margin: 1,
+          width: 512
+        });
+        return {
+          in_store_order_id: qr.in_store_order_id,
+          qr_data: qr.qr_data,
+          qr_data_url: qrDataUrl,
+          expires_at: expiresAt,
+          external_pos_id: input.external_pos_id,
+          amount: input.amount_ars,
+          next_step: "Display the qr_data_url image to the buyer. Wait for the payment webhook (point_integration_wh fires first, then payment topic). If buyer doesn't scan in time, call cancel_qr_payment to free the POS."
+        };
+      }
+    }),
+    cancel_qr_payment: tool({
+      description: desc("cancel_qr_payment"),
+      inputSchema: z.object({
+        external_pos_id: z.string()
+      }),
+      execute: async ({ external_pos_id }) => {
+        const me = await client.getMe();
+        await client.cancelQrPayment(String(me.id), external_pos_id);
+        return { external_pos_id, cancelled: true };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Subscription Plans (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_subscription_plan: tool({
+      description: desc("create_subscription_plan"),
+      inputSchema: z.object({
+        reason: z.string().min(3).max(120).describe("Plan name shown at checkout"),
+        amount_ars: z.number().positive(),
+        frequency_months: z.number().int().min(1).max(12),
+        back_url: z.string().url().describe("HTTPS URL where MP redirects after first payment"),
+        external_reference: z.string().optional(),
+        free_trial_days: z.number().int().min(1).max(60).optional().describe("Free trial period in days before first charge")
+      }),
+      execute: async (input) => {
+        const plan = await client.createSubscriptionPlan({
+          reason: input.reason,
+          amount: input.amount_ars,
+          currency: "ARS",
+          frequency: input.frequency_months,
+          frequencyType: "months",
+          backUrl: input.back_url,
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {},
+          ...input.free_trial_days !== void 0 ? { freeTrialFrequency: input.free_trial_days, freeTrialFrequencyType: "days" } : {}
+        });
+        return {
+          plan_id: plan.id,
+          status: plan.status,
+          reason: plan.reason,
+          amount: plan.auto_recurring.transaction_amount,
+          currency: plan.auto_recurring.currency_id,
+          frequency: `${plan.auto_recurring.frequency} ${plan.auto_recurring.frequency_type}`,
+          external_reference: plan.external_reference,
+          next_step: "Use subscribe_to_plan to enroll customers in this plan, or share its ID for them to subscribe via your frontend."
+        };
+      }
+    }),
+    list_subscription_plans: tool({
+      description: desc("list_subscription_plans"),
+      inputSchema: z.object({
+        status: z.string().optional(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listSubscriptionPlans({
+          ...input.status !== void 0 ? { status: input.status } : {},
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          plans: result.results.map((p) => ({
+            plan_id: p.id,
+            reason: p.reason,
+            status: p.status,
+            amount: p.auto_recurring.transaction_amount,
+            currency: p.auto_recurring.currency_id,
+            frequency: `${p.auto_recurring.frequency} ${p.auto_recurring.frequency_type}`
+          }))
+        };
+      }
+    }),
+    update_subscription_plan: tool({
+      description: desc("update_subscription_plan"),
+      inputSchema: z.object({
+        plan_id: z.string(),
+        reason: z.string().optional(),
+        amount_ars: z.number().positive().optional(),
+        status: z.enum(["active", "cancelled"]).optional(),
+        back_url: z.string().url().optional()
+      }),
+      execute: async (input) => {
+        const updated = await client.updateSubscriptionPlan(input.plan_id, {
+          ...input.reason !== void 0 ? { reason: input.reason } : {},
+          ...input.amount_ars !== void 0 ? { amount: input.amount_ars } : {},
+          ...input.status !== void 0 ? { status: input.status } : {},
+          ...input.back_url !== void 0 ? { backUrl: input.back_url } : {}
+        });
+        return {
+          plan_id: updated.id,
+          status: updated.status,
+          reason: updated.reason,
+          amount: updated.auto_recurring.transaction_amount,
+          message: input.amount_ars !== void 0 ? "Updated. Existing subscribers keep their old amount; only NEW subscribers get the new pricing." : "Plan updated."
+        };
+      }
+    }),
+    subscribe_to_plan: tool({
+      description: desc("subscribe_to_plan"),
+      inputSchema: z.object({
+        plan_id: z.string(),
+        customer_email: z.string().email(),
+        external_reference: z.string().optional()
+      }),
+      execute: async (input) => {
+        const sub = await client.subscribeToPlan({
+          planId: input.plan_id,
+          payerEmail: input.customer_email,
+          ...input.external_reference !== void 0 ? { externalReference: input.external_reference } : {}
+        });
+        return {
+          subscription_id: sub.id,
+          status: sub.status,
+          payer_email: sub.payer_email,
+          init_point_url: sub.init_point,
+          next_step: "Send init_point_url to the customer for first payment with card+CVV."
+        };
+      }
+    }),
+    list_subscription_payments: tool({
+      description: desc("list_subscription_payments"),
+      inputSchema: z.object({
+        subscription_id: z.string(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listSubscriptionPayments(input.subscription_id, {
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          subscription_id: input.subscription_id,
+          total: result.paging.total,
+          payments: result.results.map((p) => ({
+            authorized_payment_id: p.id,
+            payment_id: p.payment_id ?? null,
+            status: p.status,
+            amount: p.transaction_amount ?? null,
+            currency: p.currency_id ?? null,
+            debit_date: p.debit_date ?? null,
+            next_retry_date: p.next_retry_date ?? null,
+            retry_attempt: p.retry_attempt ?? 0,
+            reason: p.reason ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Stores + POS (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    create_store: tool({
+      description: desc("create_store"),
+      inputSchema: z.object({
+        name: z.string().min(1).max(80),
+        external_id: z.string().min(1).max(64).describe("Unique within the seller's stores"),
+        address_line: z.string().optional(),
+        city_name: z.string().optional(),
+        state_name: z.string().optional()
+      }),
+      execute: async (input) => {
+        const me = await client.getMe();
+        const store = await client.createStore(String(me.id), {
+          name: input.name,
+          externalId: input.external_id,
+          ...input.address_line || input.city_name || input.state_name ? {
+            location: {
+              ...input.address_line ? { addressLine: input.address_line } : {},
+              ...input.city_name ? { cityName: input.city_name } : {},
+              ...input.state_name ? { stateName: input.state_name } : {},
+              countryId: "AR"
+            }
+          } : {}
+        });
+        return {
+          store_id: store.id,
+          name: store.name,
+          external_id: store.external_id,
+          next_step: "Use create_pos with this store_id to add a Point of Sale where create_qr_payment can issue QRs."
+        };
+      }
+    }),
+    list_stores: tool({
+      description: desc("list_stores"),
+      inputSchema: z.object({
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const me = await client.getMe();
+        const result = await client.listStores(String(me.id), {
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          stores: result.results.map((s) => ({
+            store_id: s.id,
+            name: s.name ?? null,
+            external_id: s.external_id ?? null
+          }))
+        };
+      }
+    }),
+    create_pos: tool({
+      description: desc("create_pos"),
+      inputSchema: z.object({
+        name: z.string().min(1).max(80),
+        external_id: z.string().min(1).max(64).describe("Unique within the store. This is what create_qr_payment uses."),
+        store_id: z.string().describe("From create_store / list_stores"),
+        category: z.number().int().optional().describe("MP category code, default 621102 (other food/beverage)"),
+        fixed_amount: z.boolean().optional().describe("True for static QR with fixed amount; false (default) for dynamic per-order QR")
+      }),
+      execute: async (input) => {
+        const pos = await client.createPos({
+          name: input.name,
+          externalId: input.external_id,
+          storeId: input.store_id,
+          ...input.category !== void 0 ? { category: input.category } : {},
+          ...input.fixed_amount !== void 0 ? { fixedAmount: input.fixed_amount } : {}
+        });
+        return {
+          pos_id: pos.id,
+          external_id: pos.external_id,
+          store_id: pos.store_id,
+          name: pos.name,
+          next_step: "Use create_qr_payment with this external_id to start issuing dynamic QRs from this POS."
+        };
+      }
+    }),
+    list_pos: tool({
+      description: desc("list_pos"),
+      inputSchema: z.object({
+        store_id: z.string().optional(),
+        limit: z.number().int().min(1).max(100).optional()
+      }),
+      execute: async (input) => {
+        const result = await client.listPos({
+          ...input.store_id !== void 0 ? { storeId: input.store_id } : {},
+          ...input.limit !== void 0 ? { limit: input.limit } : {}
+        });
+        return {
+          total: result.paging.total,
+          pos: result.results.map((p) => ({
+            pos_id: p.id,
+            external_id: p.external_id ?? null,
+            store_id: p.store_id ?? null,
+            name: p.name ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Disputes (v0.4 — read-only)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_payment_disputes: tool({
+      description: desc("list_payment_disputes"),
+      inputSchema: z.object({ payment_id: z.string() }),
+      execute: async ({ payment_id }) => {
+        const disputes = await client.listPaymentDisputes(payment_id);
+        return {
+          payment_id,
+          count: disputes.length,
+          disputes: disputes.map((d) => ({
+            dispute_id: d.id,
+            status: d.status,
+            amount: d.amount ?? null,
+            reason: d.reason ?? null,
+            date_created: d.date_created ?? null,
+            dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
+          }))
+        };
+      }
+    }),
+    get_dispute: tool({
+      description: desc("get_dispute"),
+      inputSchema: z.object({
+        payment_id: z.string(),
+        dispute_id: z.string()
+      }),
+      execute: async ({ payment_id, dispute_id }) => {
+        const d = await client.getDispute(payment_id, dispute_id);
+        return {
+          dispute_id: d.id,
+          status: d.status,
+          amount: d.amount ?? null,
+          reason: d.reason ?? null,
+          reason_description: d.reason_description ?? null,
+          resolution: d.resolution ?? null,
+          date_created: d.date_created ?? null,
+          dashboard_url: `https://www.mercadopago.com.ar/disputes/${d.id}`
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Lookup helpers (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_identification_types: tool({
+      description: desc("list_identification_types"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const types = await client.listIdentificationTypes();
+        return {
+          count: types.length,
+          types: types.map((t) => ({
+            id: t.id,
+            name: t.name,
+            type: t.type,
+            min_length: t.min_length ?? null,
+            max_length: t.max_length ?? null
+          }))
+        };
+      }
+    }),
+    list_issuers: tool({
+      description: desc("list_issuers"),
+      inputSchema: z.object({
+        payment_method_id: z.string().describe("E.g. 'visa', 'master', 'naranja'"),
+        bin: z.string().min(6).max(8).optional().describe("First 6-8 digits of card for precise issuer detection")
+      }),
+      execute: async (input) => {
+        const issuers = await client.listIssuers({
+          paymentMethodId: input.payment_method_id,
+          ...input.bin !== void 0 ? { bin: input.bin } : {}
+        });
+        return {
+          payment_method_id: input.payment_method_id,
+          count: issuers.length,
+          issuers: issuers.map((i) => ({
+            issuer_id: i.id,
+            name: i.name,
+            status: i.status ?? null
+          }))
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // Webhooks management (v0.4)
+    // ─────────────────────────────────────────────────────────────────────────
+    list_webhooks: tool({
+      description: desc("list_webhooks"),
+      inputSchema: z.object({}),
+      execute: async () => {
+        const hooks = await client.listWebhooks();
+        return {
+          count: hooks.length,
+          webhooks: hooks.map((h) => ({
+            webhook_id: h.id,
+            url: h.url ?? null,
+            topic: h.topic ?? null,
+            status: h.status ?? null,
+            date_created: h.date_created ?? null
+          }))
+        };
+      }
+    }),
+    create_webhook: tool({
+      description: desc("create_webhook"),
+      inputSchema: z.object({
+        url: z.string().url(),
+        topic: z.string().describe("E.g. 'payment', 'subscription_authorized_payment', 'subscription_preapproval', 'merchant_order', 'point_integration_wh'")
+      }),
+      execute: async ({ url, topic }) => {
+        const hook = await client.createWebhook({ url, topic });
+        return {
+          webhook_id: hook.id,
+          url: hook.url ?? url,
+          topic: hook.topic ?? topic,
+          status: hook.status ?? null
+        };
+      }
+    }),
+    update_webhook: tool({
+      description: desc("update_webhook"),
+      inputSchema: z.object({
+        webhook_id: z.string(),
+        url: z.string().url().optional(),
+        topic: z.string().optional()
+      }),
+      execute: async (input) => {
+        const hook = await client.updateWebhook(input.webhook_id, {
+          ...input.url !== void 0 ? { url: input.url } : {},
+          ...input.topic !== void 0 ? { topic: input.topic } : {}
+        });
+        return {
+          webhook_id: hook.id,
+          url: hook.url ?? null,
+          topic: hook.topic ?? null,
+          status: hook.status ?? null
+        };
+      }
+    }),
+    delete_webhook: tool({
+      description: desc("delete_webhook"),
+      inputSchema: z.object({ webhook_id: z.string() }),
+      execute: async ({ webhook_id }) => {
+        await client.deleteWebhook(webhook_id);
+        return { webhook_id, deleted: true };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // v0.5 — Webhook handler combo
+    // ─────────────────────────────────────────────────────────────────────────
+    handle_webhook: tool({
+      description: desc("handle_webhook"),
+      inputSchema: z.object({
+        raw_body: z.string().describe(
+          "The raw JSON body of the webhook request, exactly as received (do NOT re-stringify). Pass `await req.text()` from your handler."
+        ),
+        signature_header: z.string().nullable().describe("Value of the `x-signature` request header."),
+        request_id_header: z.string().nullable().describe("Value of the `x-request-id` request header."),
+        auto_fetch: z.boolean().optional().default(true).describe(
+          "If true (default), fetch the underlying resource (Payment, Subscription, etc.) AS the MP user the client is configured for. Set to false to skip the fetch (faster, useful when you only need the topic+id)."
+        )
+      }),
+      execute: async ({
+        raw_body,
+        signature_header,
+        request_id_header,
+        auto_fetch
+      }) => {
+        if (!options.webhookSecret) {
+          return {
+            verified: false,
+            error: "webhookSecret not configured in mercadoPagoTools options. Pass it from MP dev panel \u2192 Notificaciones \u2192 Webhooks.",
+            event: null,
+            resource: null
+          };
+        }
+        let parsedBody;
+        try {
+          parsedBody = JSON.parse(raw_body);
+        } catch {
+          return {
+            verified: false,
+            error: "raw_body is not valid JSON.",
+            event: null,
+            resource: null
+          };
+        }
+        const event = parseWebhookEvent(parsedBody);
+        if (!event) {
+          return {
+            verified: false,
+            error: "Could not extract topic + dataId from webhook body.",
+            event: null,
+            resource: null
+          };
+        }
+        const verified = verifyWebhookSignature({
+          requestId: request_id_header,
+          dataId: event.dataId,
+          signatureHeader: signature_header,
+          secret: options.webhookSecret
+        });
+        if (!verified) {
+          return {
+            verified: false,
+            error: "HMAC-SHA256 signature mismatch. Reject the webhook (HTTP 401).",
+            event,
+            resource: null
+          };
+        }
+        let resource = null;
+        let resourceError = null;
+        if (auto_fetch) {
+          try {
+            switch (event.topic) {
+              case "payment":
+              case "payment.created":
+              case "payment.updated":
+                resource = await client.getPayment(event.dataId);
+                break;
+              case "preapproval":
+              case "subscription_preapproval":
+                resource = await client.getPreapproval(event.dataId);
+                break;
+              case "subscription_authorized_payment":
+                resource = { id: event.dataId, hint: "Use list_subscription_payments to enumerate parent." };
+                break;
+              default:
+                resource = null;
+                resourceError = `No auto-fetch handler for topic '${event.topic}' yet.`;
+            }
+          } catch (err) {
+            resourceError = err instanceof Error ? err.message : String(err);
+          }
+        }
+        return {
+          verified: true,
+          event,
+          resource,
+          resource_error: resourceError
+        };
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // v0.5 — OAuth Marketplace flow
+    // ─────────────────────────────────────────────────────────────────────────
+    oauth_authorize_url: tool({
+      description: desc("oauth_authorize_url"),
+      inputSchema: z.object({
+        redirect_uri: z.string().url().describe(
+          "Where MP redirects the seller after approval. MUST be whitelisted in MP dev panel \u2192 Aplicaciones \u2192 tu app \u2192 Redirect URIs."
+        ),
+        state: z.string().min(8).describe(
+          "Opaque CSRF/session token echoed back. Bind to the user's session and verify on redirect."
+        )
+      }),
+      execute: async ({ redirect_uri, state }) => {
+        if (!options.oauth?.clientId) {
+          return {
+            available: false,
+            error: "OAuth not configured. Pass `oauth: { clientId, clientSecret }` to mercadoPagoTools options.",
+            url: null
+          };
+        }
+        const url = buildAuthorizeUrl({
+          clientId: options.oauth.clientId,
+          redirectUri: redirect_uri,
+          state
+        });
+        return {
+          available: true,
+          url,
+          next_step: "Redirect the seller to `url`. After approval MP sends them to redirect_uri?code=...&state=... \u2014 verify state matches, then call oauth_exchange_code with the code."
+        };
+      }
+    }),
+    oauth_exchange_code: tool({
+      description: desc("oauth_exchange_code"),
+      inputSchema: z.object({
+        code: z.string().describe("The `code` query param from the OAuth redirect URL."),
+        redirect_uri: z.string().url().describe(
+          "Must EXACTLY match the redirect_uri used in oauth_authorize_url."
+        )
+      }),
+      execute: async ({ code, redirect_uri }) => {
+        if (!options.oauth?.clientId || !options.oauth?.clientSecret) {
+          return {
+            available: false,
+            error: "OAuth not configured. Pass `oauth: { clientId, clientSecret }` to mercadoPagoTools options.",
+            token: null
+          };
+        }
+        try {
+          const token = await exchangeCodeForToken({
+            clientId: options.oauth.clientId,
+            clientSecret: options.oauth.clientSecret,
+            code,
+            redirectUri: redirect_uri
+          });
+          return {
+            available: true,
+            token,
+            next_step: "PERSIST { user_id, access_token, refresh_token, expires_in } against this seller. Use access_token to instantiate `new MercadoPagoClient({ accessToken })` AS the seller for marketplace API calls."
+          };
+        } catch (err) {
+          return {
+            available: true,
+            error: err instanceof Error ? err.message : String(err),
+            token: null
+          };
+        }
+      }
+    }),
+    oauth_refresh_token: tool({
+      description: desc("oauth_refresh_token"),
+      inputSchema: z.object({
+        refresh_token: z.string().describe("The saved refresh_token for this seller.")
+      }),
+      execute: async ({ refresh_token }) => {
+        if (!options.oauth?.clientId || !options.oauth?.clientSecret) {
+          return {
+            available: false,
+            error: "OAuth not configured. Pass `oauth: { clientId, clientSecret }` to mercadoPagoTools options.",
+            token: null
+          };
+        }
+        try {
+          const token = await refreshAccessToken({
+            clientId: options.oauth.clientId,
+            clientSecret: options.oauth.clientSecret,
+            refreshToken: refresh_token
+          });
+          return {
+            available: true,
+            token,
+            next_step: "Replace the persisted access_token + refresh_token with these new values (refresh_token may have rotated)."
+          };
+        } catch (err) {
+          return {
+            available: true,
+            error: err instanceof Error ? err.message : String(err),
+            token: null
+          };
+        }
+      }
+    }),
+    // ─────────────────────────────────────────────────────────────────────────
+    // v0.5 — Order Management API
+    // ─────────────────────────────────────────────────────────────────────────
+    create_order: tool({
+      description: desc("create_order"),
+      inputSchema: z.object({
+        type: z.enum(["online", "in_store"]).describe("'online' for hosted/checkout flow, 'in_store' for QR/POS"),
+        currency_id: z.string().optional().default("ARS"),
+        external_reference: z.string().optional(),
+        total_amount: z.number().positive().optional(),
+        items: z.array(
+          z.object({
+            title: z.string(),
+            unit_price: z.number(),
+            quantity: z.number(),
+            description: z.string().optional()
+          })
+        ).optional(),
+        payer_email: z.string().email().optional(),
+        capture_mode: z.enum(["automatic", "manual"]).optional().describe(
+          "'automatic' charges immediately; 'manual' authorizes only \u2014 capture later via capture_order."
+        ),
+        notification_url: z.string().url().optional(),
+        marketplace: z.string().optional().describe(
+          "Marketplace identifier (your app's name). Required for split payments."
+        ),
+        marketplace_fee: z.number().optional().describe(
+          "Fee in ARS (NOT %) credited to the marketplace's MP account."
+        ),
+        collector_id: z.union([z.string(), z.number()]).optional().describe(
+          "Seller's MP user_id (from oauth_exchange_code.user_id). Funds route here; marketplace_fee is split off to your account."
+        )
+      }),
+      execute: async (input) => {
+        const params = {
+          type: input.type
+        };
+        if (input.currency_id) params.currency_id = input.currency_id;
+        if (input.external_reference) params.external_reference = input.external_reference;
+        if (input.total_amount !== void 0) params.total_amount = input.total_amount;
+        if (input.items) params.items = input.items;
+        if (input.payer_email) params.payer = { email: input.payer_email };
+        if (input.capture_mode) params.capture_mode = input.capture_mode;
+        if (input.notification_url) params.notification_url = input.notification_url;
+        if (input.marketplace) params.marketplace = input.marketplace;
+        if (input.marketplace_fee !== void 0) params.marketplace_fee = input.marketplace_fee;
+        if (input.collector_id !== void 0) params.collector_id = input.collector_id;
+        const order = await client.createOrder(params, {
+          idempotencyKey: deterministicIdempotencyKey(
+            "create_order",
+            input.external_reference,
+            input.total_amount,
+            input.collector_id
+          )
+        });
+        return {
+          order_id: order.id,
+          status: order.status ?? null,
+          capture_mode: order.capture_mode ?? params.capture_mode ?? "automatic",
+          total_amount: order.total_amount ?? null
+        };
+      }
+    }),
+    get_order: tool({
+      description: desc("get_order"),
+      inputSchema: z.object({ order_id: z.string() }),
+      execute: async ({ order_id }) => {
+        const order = await client.getOrder(order_id);
+        return order;
+      }
+    }),
+    update_order: tool({
+      description: desc("update_order"),
+      inputSchema: z.object({
+        order_id: z.string(),
+        external_reference: z.string().optional(),
+        total_amount: z.number().optional()
+      }),
+      execute: async ({ order_id, external_reference, total_amount }) => {
+        const patch = {};
+        if (external_reference !== void 0) patch.external_reference = external_reference;
+        if (total_amount !== void 0) patch.total_amount = total_amount;
+        const order = await client.updateOrder(order_id, patch);
+        return order;
+      }
+    }),
+    capture_order: tool({
+      description: desc("capture_order"),
+      inputSchema: z.object({
+        order_id: z.string(),
+        amount: z.number().positive().optional().describe(
+          "Optional partial-capture amount. Omit to capture the full authorized amount."
+        )
+      }),
+      execute: async ({ order_id, amount }) => {
+        const order = await client.captureOrder(order_id, amount);
+        return {
+          order_id: order.id,
+          status: order.status ?? null,
+          captured_amount: amount ?? order.total_amount ?? null
+        };
+      }
+    }),
+    cancel_order: tool({
+      description: desc("cancel_order"),
+      inputSchema: z.object({ order_id: z.string() }),
+      execute: async ({ order_id }) => {
+        const order = await client.cancelOrder(order_id);
+        return {
+          order_id: order.id,
+          status: order.status ?? "canceled"
+        };
+      }
+    })
+  };
+}
+
+// src/state.ts
+var InMemoryStateAdapter = class {
+  store = /* @__PURE__ */ new Map();
+  async set(id, state) {
+    const existing = this.store.get(id) ?? {};
+    this.store.set(id, { ...existing, ...state });
+  }
+  async get(id) {
+    return this.store.get(id) ?? null;
+  }
+  async list() {
+    return Array.from(this.store.keys());
+  }
+  /** Test helper: drop everything. Not part of the adapter interface. */
+  reset() {
+    this.store.clear();
+  }
+};
 
-export { InMemoryStateAdapter, MercadoPagoAccountTypeMismatchError, MercadoPagoAuthError, MercadoPagoAuthorizeForbiddenError, MercadoPagoBackUrlInvalidError, MercadoPagoClient, MercadoPagoError, MercadoPagoOverloadedError, MercadoPagoPaymentRejectedError, MercadoPagoRateLimitError, MercadoPagoSelfPaymentError, MercadoPagoTimeoutError, classifyError, mercadoPagoTools, parseWebhookEvent, verifyWebhookSignature };
+export { InMemoryStateAdapter, MercadoPagoAccountTypeMismatchError, MercadoPagoAuthError, MercadoPagoAuthorizeForbiddenError, MercadoPagoBackUrlInvalidError, MercadoPagoClient, MercadoPagoError, MercadoPagoOverloadedError, MercadoPagoPaymentRejectedError, MercadoPagoRateLimitError, MercadoPagoSelfPaymentError, MercadoPagoTimeoutError, buildAuthorizeUrl, classifyError, exchangeCodeForToken, expirationTimeMs, isExpiringSoon, mercadoPagoTools, parseWebhookEvent, refreshAccessToken, verifyWebhookSignature };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map