dineway 0.1.9 → 0.1.11

package/dist/astro/routes/api/mcp.mjs

@@ -0,0 +1,2700 @@
+import "../../../dialect-helpers-DhTzaUxP.mjs";
+import "../../../content-CyLkb-qH.mjs";
+import "../../../base64-Cz-aU0X1.mjs";
+import "../../../types-Bs6lTBBW.mjs";
+import "../../../media-_7Fxdu45.mjs";
+import "../../../options-z8VVg1Ll.mjs";
+import "../../../site-activity-B8FjLIVh.mjs";
+import { t as ReviewRequestRepository } from "../../../review-requests-C2DIHwlJ.mjs";
+import "../../../entity-aliases-C0v-yNET.mjs";
+import { a as ContextRepository, i as parseSiteBriefingScope, r as formatSiteBriefingText, t as SiteBriefingAssembler } from "../../../briefing-BrXCuMEE.mjs";
+import { t as SITE_CONTEXT_TYPES } from "../../../context-types-C-LwdAxx.mjs";
+import "../../../fts-manager-B1pTNEG_.mjs";
+import "../../../registry-C-_hxLqa.mjs";
+import "../../../loader-PZnPxFLc.mjs";
+import "../../../settings-4XnpVMOS.mjs";
+import "../../../request-cache-DHMRr2Lf.mjs";
+import { n as VERSION } from "../../../version-DH53KCQd.mjs";
+import "../../../schema-BNpI53of.mjs";
+import "../../../zod-generator-DBVP8D0P.mjs";
+import { t as apiError } from "../../../error-DEGjx2Xw.mjs";
+import { P as settingsUpdateBody, an as contentSeoInput, bn as contentBylineInputSchema } from "../../../redirects-CqaxraTO.mjs";
+import "../../../import-DD3f2jkc.mjs";
+import "../../../api/schemas/index.mjs";
+import "../../../utils-D2in-zwy.mjs";
+import "../../../search-DM6CVti3.mjs";
+import { i as hasScope } from "../../../api-tokens-DzloJxuh.mjs";
+import { C as HITL_REQUEST_STATUSES, E as ASSIGNMENT_STATUSES, S as HITL_REQUEST_PRIORITIES, T as ASSIGNMENT_PRIORITIES, _ as RiskPolicyEvaluator, a as ActorExpertiseService, b as toPublicContextEntry, f as SettingsHitlPayloadBuilder, g as SchemaHitlPayloadBuilder, i as HandoffSnapshotStore, n as HitlRequestService, o as EntityResolver, r as AssignmentService, t as WorkflowHitlCoordinator, v as ReviewPayloadBuilder, w as ASSIGNMENT_ACTOR_TYPES, x as toPublicContextEntryPage, y as toPublicContextDiff } from "../../../site-context-Bpu_Paur.mjs";
+import { T as resolveActorIdentity, b as schemaMcpToolSource, d as logSchemaActivity, o as logContentActivity, p as logSiteActivitySafely, r as contentMcpToolSource, t as activityChangedKeys } from "../../../activity-events-BsMaXdJa.mjs";
+import { z } from "zod";
+import { Role, canActOnOwn, hasPermission } from "@dineway-ai/auth";
+import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { ErrorCode, McpError } from "@modelcontextprotocol/sdk/types.js";
+
+//#region src/mcp/server.ts
+const COLLECTION_SLUG_PATTERN = /^[a-z][a-z0-9_]*$/;
+const ENTITY_RESOLVE_TYPES = [
+	"content",
+	"collection",
+	"plugin",
+	"taxonomy",
+	"menu"
+];
+const ACTOR_EXPERTISE_ACTOR_TYPES = [
+	"user",
+	"api_token",
+	"system"
+];
+const HANDOFF_KINDS = [
+	"pause",
+	"review_request",
+	"assignment"
+];
+const HANDOFF_REFERENCE_TYPES = ["review_request", "assignment"];
+const settingsMcpUpdateBody = settingsUpdateBody.extend({ hitl_request_id: z.string().optional().describe("Approved HITL request id required for API-token settings changes.") });
+/**
+* Unwrap an ApiResult<T> into MCP tool result format.
+* On success, returns the data as pretty-printed JSON text content.
+* On failure, returns the error message with isError flag.
+*/
+function unwrap(result) {
+	if (result.success && result.data !== void 0) return { content: [{
+		type: "text",
+		text: JSON.stringify(result.data, null, 2)
+	}] };
+	return {
+		content: [{
+			type: "text",
+			text: result.error && typeof result.error === "object" && "message" in result.error ? String(result.error.message) : "Unknown error"
+		}],
+		isError: true
+	};
+}
+/**
+* Return a JSON text block.
+*/
+function jsonResult(data) {
+	return { content: [{
+		type: "text",
+		text: JSON.stringify(data, null, 2)
+	}] };
+}
+/**
+* Return an error text block.
+*/
+function errorResult(error) {
+	return {
+		content: [{
+			type: "text",
+			text: error instanceof Error ? error.message : String(error)
+		}],
+		isError: true
+	};
+}
+function getExtra(extra) {
+	const payload = extra.authInfo?.extra;
+	if (!payload?.dineway) throw new Error("Dineway not available — server misconfigured");
+	return payload;
+}
+function getDineway(extra) {
+	return getExtra(extra).dineway;
+}
+function canReadDrafts(extra) {
+	return hasPermission({ role: getExtra(extra).userRole }, "content:read_drafts");
+}
+function requireDraftAccess(extra) {
+	if (!canReadDrafts(extra)) throw new McpError(ErrorCode.InvalidRequest, "Insufficient permissions for this operation");
+}
+function isPublishedRecord(value) {
+	return typeof value === "object" && value !== null && "status" in value && value.status === "published";
+}
+/**
+* Enforce a scope requirement on the current request.
+*
+* When tokenScopes is undefined (session auth), all operations are allowed
+* since session users have full access based on their role. When scopes are
+* present (token auth), the required scope must be included.
+*/
+function requireScope(extra, scope) {
+	const payload = getExtra(extra);
+	if (payload.tokenScopes && !hasScope(payload.tokenScopes, scope)) throw new McpError(ErrorCode.InvalidRequest, `Insufficient scope: requires ${scope}`);
+}
+function requireAnyScope(extra, scopes) {
+	const tokenScopes = getExtra(extra).tokenScopes;
+	if (!tokenScopes) return;
+	if (scopes.some((scope) => hasScope(tokenScopes, scope))) return;
+	throw new McpError(ErrorCode.InvalidRequest, `Insufficient scope: requires one of ${scopes.join(", ")}`);
+}
+function tokenAllows(payload, scope) {
+	return !payload.tokenScopes || hasScope(payload.tokenScopes, scope);
+}
+function briefingPermissions(payload) {
+	const user = { role: payload.userRole };
+	return {
+		canReadContent: hasPermission(user, "content:read") && tokenAllows(payload, "content:read"),
+		canReadSchema: hasPermission(user, "schema:read") && tokenAllows(payload, "schema:read"),
+		canReadSettings: hasPermission(user, "settings:read") && tokenAllows(payload, "admin"),
+		canReadPlugins: hasPermission(user, "plugins:read") && tokenAllows(payload, "admin")
+	};
+}
+function contentScopeAllowedForHandoff(payload) {
+	return hasPermission({ role: payload.userRole }, "content:read") && tokenAllows(payload, "content:read") || payload.userRole >= Role.AUTHOR && tokenAllows(payload, "content:write");
+}
+function contentDiffReadableForHandoff(payload) {
+	return hasPermission({ role: payload.userRole }, "content:read") && tokenAllows(payload, "content:read");
+}
+function schemaReadableForHandoff(payload) {
+	return hasPermission({ role: payload.userRole }, "schema:read") && tokenAllows(payload, "schema:read");
+}
+function pluginsReadableForHandoff(payload) {
+	return hasPermission({ role: payload.userRole }, "plugins:read") && tokenAllows(payload, "admin");
+}
+function requireHandoffScope(extra, scope) {
+	requireRole(extra, Role.AUTHOR);
+	const payload = getExtra(extra);
+	switch (parseSiteBriefingScope(scope).type) {
+		case "content":
+		case "taxonomy":
+		case "menu":
+			if (!contentScopeAllowedForHandoff(payload)) throw new McpError(ErrorCode.InvalidRequest, "Insufficient permission to capture or resume a content-adjacent handoff for this scope.");
+			return;
+		case "collection":
+		case "site":
+			if (contentDiffReadableForHandoff(payload) || schemaReadableForHandoff(payload) || pluginsReadableForHandoff(payload)) return;
+			throw new McpError(ErrorCode.InvalidRequest, "Insufficient permission to capture or resume a site-context handoff for this scope.");
+		case "plugin":
+			if (pluginsReadableForHandoff(payload)) return;
+			throw new McpError(ErrorCode.InvalidRequest, "Insufficient permission to capture or resume a plugin handoff for this scope.");
+	}
+}
+function requireContextRead(extra) {
+	requireAnyScope(extra, ["content:read", "admin"]);
+	requireRole(extra, Role.SUBSCRIBER);
+}
+function requireContextWrite(extra) {
+	requireScope(extra, "admin");
+	requireRole(extra, Role.EDITOR);
+}
+function actorLocals(payload) {
+	return {
+		user: { id: payload.userId },
+		tokenScopes: payload.tokenScopes,
+		authToken: payload.authToken
+	};
+}
+function scopesFromContextToolArgs(scope, includeInherited) {
+	if (!scope) return void 0;
+	const parsed = parseSiteBriefingScope(scope);
+	return includeInherited ? parsed.ancestors : [parsed.scope];
+}
+function requireReviewSubmit(extra) {
+	requireAnyScope(extra, ["content:write", "admin"]);
+	requireRole(extra, Role.AUTHOR);
+}
+function requireReviewResolve(extra) {
+	requireAnyScope(extra, ["content:write", "admin"]);
+	requireRole(extra, Role.EDITOR);
+}
+function requireReviewRead(extra) {
+	requireAnyScope(extra, ["content:read", "admin"]);
+	requireRole(extra, Role.SUBSCRIBER);
+}
+function requireWorkflowRead(extra) {
+	requireAnyScope(extra, [
+		"workflow:read",
+		"workflow:write",
+		"admin"
+	]);
+	requireRole(extra, Role.AUTHOR);
+}
+function requireWorkflowWrite(extra) {
+	requireAnyScope(extra, ["workflow:write", "admin"]);
+	requireRole(extra, Role.AUTHOR);
+}
+function requireHitlRead(extra) {
+	requireWorkflowRead(extra);
+}
+function requireHitlSubmit(extra) {
+	requireWorkflowWrite(extra);
+}
+function requireHitlResolve(extra) {
+	requireAnyScope(extra, ["workflow:write", "admin"]);
+	requireRole(extra, Role.EDITOR);
+}
+function workflowActorContext(payload) {
+	const actor = resolveActorIdentity(actorLocals(payload));
+	return {
+		actorType: actor.actorType,
+		actorId: actor.actorId,
+		authMetadata: actor.authMetadata,
+		userRole: payload.userRole
+	};
+}
+function scopeReadableForExpertise(payload, scope) {
+	try {
+		switch (parseSiteBriefingScope(scope).type) {
+			case "content":
+			case "taxonomy":
+			case "menu": return contentDiffReadableForHandoff(payload);
+			case "collection":
+			case "site": return contentDiffReadableForHandoff(payload) || schemaReadableForHandoff(payload) || pluginsReadableForHandoff(payload);
+			case "plugin": return pluginsReadableForHandoff(payload);
+		}
+	} catch {
+		return false;
+	}
+}
+function requireExpertiseRead(extra) {
+	requireAnyScope(extra, [
+		"content:read",
+		"schema:read",
+		"admin"
+	]);
+	requireRole(extra, Role.SUBSCRIBER);
+}
+function requireExpertiseScope(extra, scope) {
+	requireExpertiseRead(extra);
+	if (scopeReadableForExpertise(getExtra(extra), scope)) return;
+	throw new McpError(ErrorCode.InvalidRequest, "Insufficient permission to inspect actor expertise for this scope.");
+}
+function allowedEntityResolveTypes(payload, requestedTypes) {
+	const user = { role: payload.userRole };
+	const allowed = ENTITY_RESOLVE_TYPES.filter((entityType) => {
+		switch (entityType) {
+			case "content":
+			case "taxonomy":
+			case "menu": return hasPermission(user, "content:read") && tokenAllows(payload, "content:read");
+			case "collection": return hasPermission(user, "schema:read") && tokenAllows(payload, "schema:read");
+			case "plugin": return hasPermission(user, "plugins:read") && tokenAllows(payload, "admin");
+		}
+	});
+	if (!requestedTypes || requestedTypes.length === 0) return allowed;
+	const disallowed = requestedTypes.filter((entityType) => !allowed.includes(entityType));
+	if (disallowed.length > 0) throw new McpError(ErrorCode.InvalidRequest, `Insufficient scope or role for entity types: ${disallowed.join(", ")}`);
+	return requestedTypes;
+}
+function contentPublishReviewRequired(extra) {
+	const payload = getExtra(extra);
+	const actor = resolveActorIdentity(actorLocals(payload));
+	return new RiskPolicyEvaluator({
+		db: payload.dineway.db,
+		handlers: payload.dineway
+	}).requiresContentPublishReview(actor);
+}
+async function requireApprovedContentPublishReview(extra, collection, id, reviewRequestId) {
+	const payload = getExtra(extra);
+	const actor = resolveActorIdentity(actorLocals(payload));
+	const decision = await new RiskPolicyEvaluator({
+		db: payload.dineway.db,
+		handlers: payload.dineway
+	}).evaluateContentPublishReview({
+		actor,
+		collection,
+		id,
+		reviewRequestId
+	});
+	if (!decision.allowed) throw new McpError(ErrorCode.InvalidRequest, decision.message);
+}
+async function ensureWorkflowHitlRequest(extra, action) {
+	const payload = getExtra(extra);
+	const ensured = await new WorkflowHitlCoordinator(payload.dineway.db).ensureRequest({
+		actor: workflowActorContext(payload),
+		action
+	});
+	if (!ensured.created) return ensured;
+	await logSiteActivitySafely(payload.dineway.db, actorLocals(payload), {
+		actionType: "hitl.submitted",
+		subjectType: "hitl_request",
+		subjectId: ensured.request.id,
+		scope: ensured.request.scope,
+		summary: `Submitted HITL request for ${ensured.request.actionType}`,
+		detail: {
+			actionType: ensured.request.actionType,
+			targetRefType: ensured.request.targetRefType,
+			targetRefId: ensured.request.targetRefId,
+			priority: ensured.request.priority,
+			riskReason: ensured.request.riskReason
+		}
+	});
+	return ensured;
+}
+async function resolveReviewRequestSubmitTarget(payload, args) {
+	if (args.id && args.entity_query) throw new McpError(ErrorCode.InvalidRequest, "Provide either id or entity_query when submitting a review request, not both.");
+	if (!args.id && !args.entity_query) throw new McpError(ErrorCode.InvalidRequest, "review_request_submit requires either an exact id or a fuzzy entity_query.");
+	if (args.id) {
+		if (!args.collection) throw new McpError(ErrorCode.InvalidRequest, "collection is required when review_request_submit uses an exact id or slug.");
+		return {
+			status: "ready",
+			collection: args.collection,
+			id: args.id
+		};
+	}
+	const query = args.entity_query;
+	const result = await new EntityResolver({
+		db: payload.dineway.db,
+		handlers: payload.dineway
+	}).resolve({
+		query,
+		entityTypes: ["content"],
+		collection: args.collection,
+		limit: args.entity_limit
+	});
+	if (result.status === "resolved") {
+		const resolved = result.resolved;
+		if (!resolved?.collection) throw new McpError(ErrorCode.InternalError, "Resolved content target is missing its collection slug.");
+		return {
+			status: "ready",
+			collection: resolved.collection,
+			id: resolved.entityId
+		};
+	}
+	const actionType = args.action_type ?? "content.publish";
+	const suggestion = result.suggestion ?? "Publish review requests must bind to one exact content target. Narrow the query or ask a human to choose the correct item before retrying.";
+	if (result.status === "ambiguous") return {
+		status: "ambiguous",
+		actionType,
+		query,
+		candidates: result.candidates ?? [],
+		suggestion
+	};
+	return {
+		status: "not_found",
+		actionType,
+		query,
+		suggestion
+	};
+}
+/**
+* Defense-in-depth: enforce a minimum RBAC role on the current request.
+*
+* This is checked in addition to scope requirements. Even if a token has
+* the right scopes (e.g. due to a bug in scope clamping), the user's
+* actual role must still meet the minimum.
+*/
+function requireRole(extra, minRole) {
+	if (getExtra(extra).userRole < minRole) throw new McpError(ErrorCode.InvalidRequest, "Insufficient permissions for this operation");
+}
+/**
+* Enforce ownership-based permission checks, mirroring the REST API's
+* requireOwnerPerm() pattern.
+*
+* If the user is the owner, checks ownPermission. Otherwise checks
+* anyPermission (which requires EDITOR+ role).
+*/
+function requireOwnership(extra, ownerId, ownPermission, anyPermission) {
+	const payload = getExtra(extra);
+	if (!canActOnOwn({
+		id: payload.userId,
+		role: payload.userRole
+	}, ownerId, ownPermission, anyPermission)) throw new McpError(ErrorCode.InvalidRequest, "Insufficient permissions for this operation");
+}
+/**
+* Extract the author ID from a content handler response.
+*
+* Content handlers return `{ item: { id, authorId, ... }, _rev? }`.
+* This helper navigates that shape safely.
+*/
+function extractContentAuthorId(data) {
+	if (!data || typeof data !== "object") throw new McpError(ErrorCode.InternalError, "Cannot determine content ownership: no data returned");
+	const obj = data;
+	const item = obj.item && typeof obj.item === "object" ? obj.item : obj;
+	const authorId = typeof item?.authorId === "string" ? item.authorId : "";
+	if (!authorId) throw new McpError(ErrorCode.InternalError, "Cannot determine content ownership: content has no authorId");
+	return authorId;
+}
+/**
+* Extract the resolved ID from a content handler response.
+* Handles slug -> ID resolution performed by the handler.
+*/
+function extractContentId(data) {
+	if (!data || typeof data !== "object") return void 0;
+	const obj = data;
+	const item = obj.item && typeof obj.item === "object" ? obj.item : obj;
+	return typeof item?.id === "string" ? item.id : void 0;
+}
+async function logMcpContentActivity(dineway, locals, collection, entryId, action, toolName, detail) {
+	await logContentActivity(dineway.db, locals, {
+		action,
+		collection,
+		entryId,
+		...contentMcpToolSource(toolName),
+		detail
+	});
+}
+function experimentalWorkflowDescription(description) {
+	return "Experimental: this deferred Site Context workflow surface exists on the current branch but is not part of the approved baseline contract. " + description;
+}
+function createMcpServer() {
+	const server = new McpServer({
+		name: "dineway",
+		version: VERSION
+	}, { capabilities: { logging: {} } });
+	server.registerTool("site_briefing_get", {
+		title: "Get Site Briefing",
+		description: "Build a read-only Site Context Engine briefing for a site, collection, content item, plugin, taxonomy, or menu scope. The briefing includes inherited scopes, authorized schema, recent activity, active plugin capabilities, curated settings/SEO, and forward-compatible context/review/staleness sections.",
+		inputSchema: z.object({
+			scope: z.string().optional().describe("Scope string: site, collection:{slug}, content:{collection}:{id}, plugin:{id}, taxonomy:{id}, or menu:{id}. Defaults to site."),
+			since: z.string().optional().describe("ISO timestamp or relative age such as 30m, 12h, 7d, or 2w."),
+			context_types: z.array(z.string()).optional().describe("Optional context entry type filter for inherited site-context entries."),
+			include_stale: z.boolean().optional().describe("Whether to include stale context warnings. Defaults to true."),
+			format: z.enum(["json", "text"]).optional().describe("Response format. Defaults to json."),
+			token_budget: z.number().int().min(1).max(1e5).optional().describe("Approximate token budget for packable sections. Schema is never truncated."),
+			activity_limit: z.number().int().min(1).max(100).optional().describe("Maximum activity rows to consider before budget packing. Defaults to 10.")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireAnyScope(extra, [
+			"content:read",
+			"schema:read",
+			"admin"
+		]);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		try {
+			const briefing = await new SiteBriefingAssembler({
+				db: ec.db,
+				storage: ec.storage,
+				configuredPlugins: ec.configuredPlugins,
+				marketplaceUrl: ec.config.marketplace,
+				permissions: briefingPermissions(payload)
+			}).assemble({
+				scope: args.scope,
+				since: args.since,
+				contextTypes: args.context_types,
+				includeStale: args.include_stale,
+				format: args.format,
+				tokenBudget: args.token_budget,
+				activityLimit: args.activity_limit
+			});
+			if (args.format === "text") return { content: [{
+				type: "text",
+				text: formatSiteBriefingText(briefing)
+			}] };
+			return jsonResult(briefing);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_add", {
+		title: "Add Context Entry",
+		description: "Add a typed Site Context Engine entry attached to a Dineway scope. Use this for durable operational knowledge, not content revisions.",
+		inputSchema: z.object({
+			scope: z.string().describe("Scope string: site, collection:{slug}, content:{collection}:{id}, plugin:{id}, taxonomy:{id}, or menu:{id}."),
+			context_type: z.enum(SITE_CONTEXT_TYPES).describe("Typed context category."),
+			title: z.string().min(1).describe("Short human-readable title."),
+			body: z.string().min(1).describe("Operational guidance, decision, risk, or note body."),
+			tags: z.array(z.string()).optional().describe("Search/filter tags."),
+			policy_key: z.string().optional().describe("Stable key for a replaceable policy/rule."),
+			source_activity_id: z.string().optional().describe("Optional source activity log id."),
+			valid_until: z.string().optional().describe("Optional ISO timestamp when this entry should be reviewed.")
+		})
+	}, async (args, extra) => {
+		requireContextWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		const repository = new ContextRepository(payload.dineway.db);
+		try {
+			parseSiteBriefingScope(args.scope);
+			const entry = await repository.create({
+				scope: args.scope,
+				contextType: args.context_type,
+				title: args.title,
+				body: args.body,
+				tags: args.tags,
+				policyKey: args.policy_key,
+				sourceActivityId: args.source_activity_id,
+				validUntil: args.valid_until,
+				createdByActorType: actor.actorType,
+				createdByActorId: actor.actorId,
+				createdAuthMetadata: actor.authMetadata
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "context.added",
+				subjectType: "context_entry",
+				subjectId: entry.id,
+				scope: entry.scope,
+				sourceType: "mcp_tool",
+				sourceName: "context_add",
+				summary: `Added ${entry.contextType} context: ${entry.title}`,
+				detail: {
+					contextType: entry.contextType,
+					policyKey: entry.policyKey,
+					tags: entry.tags
+				}
+			});
+			return jsonResult({ item: toPublicContextEntry(entry) });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_get", {
+		title: "Get Context Entry",
+		description: "Get a Site Context Engine entry by id.",
+		inputSchema: z.object({ id: z.string().describe("Context entry id.") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireContextRead(extra);
+		const entry = await new ContextRepository(getDineway(extra).db).findById(args.id);
+		return entry ? jsonResult({ item: toPublicContextEntry(entry) }) : errorResult(`Context entry not found: ${args.id}`);
+	});
+	server.registerTool("context_list", {
+		title: "List Context Entries",
+		description: "List current context entries, optionally scoped and inherited.",
+		inputSchema: z.object({
+			scope: z.string().optional().describe("Optional scope filter."),
+			include_inherited: z.boolean().optional().describe("Include ancestor scopes for the provided scope."),
+			context_types: z.array(z.enum(SITE_CONTEXT_TYPES)).optional().describe("Context type filters."),
+			tags: z.array(z.string()).optional().describe("Tag filters; matches any provided tag."),
+			current_only: z.boolean().optional().describe("Defaults to true. Set false to include superseded entries."),
+			limit: z.number().int().min(1).max(100).optional(),
+			cursor: z.string().optional()
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireContextRead(extra);
+		try {
+			return jsonResult(toPublicContextEntryPage(await new ContextRepository(getDineway(extra).db).list({
+				scopes: scopesFromContextToolArgs(args.scope, args.include_inherited),
+				contextTypes: args.context_types,
+				tags: args.tags,
+				currentOnly: args.current_only,
+				limit: args.limit,
+				cursor: args.cursor
+			})));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_search", {
+		title: "Search Context Entries",
+		description: "Portable keyword search over context title, body, scope, and policy key.",
+		inputSchema: z.object({
+			query: z.string().min(1).describe("Keyword query."),
+			scope: z.string().optional().describe("Optional scope filter."),
+			include_inherited: z.boolean().optional().describe("Include ancestor scopes for the provided scope."),
+			context_types: z.array(z.enum(SITE_CONTEXT_TYPES)).optional(),
+			tags: z.array(z.string()).optional(),
+			current_only: z.boolean().optional(),
+			limit: z.number().int().min(1).max(100).optional(),
+			cursor: z.string().optional()
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireContextRead(extra);
+		try {
+			return jsonResult(toPublicContextEntryPage(await new ContextRepository(getDineway(extra).db).search({
+				query: args.query,
+				scopes: scopesFromContextToolArgs(args.scope, args.include_inherited),
+				contextTypes: args.context_types,
+				tags: args.tags,
+				currentOnly: args.current_only,
+				limit: args.limit,
+				cursor: args.cursor
+			})));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_supersede", {
+		title: "Supersede Context Entry",
+		description: "Replace a context entry while preserving its audit history.",
+		inputSchema: z.object({
+			id: z.string().describe("Context entry id to supersede."),
+			scope: z.string().optional().describe("Replacement scope. Defaults to the old entry scope."),
+			context_type: z.enum(SITE_CONTEXT_TYPES).optional().describe("Replacement type. Defaults to old type."),
+			title: z.string().min(1),
+			body: z.string().min(1),
+			tags: z.array(z.string()).optional(),
+			policy_key: z.string().optional(),
+			source_activity_id: z.string().optional(),
+			valid_until: z.string().optional()
+		})
+	}, async (args, extra) => {
+		requireContextWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		try {
+			if (args.scope) parseSiteBriefingScope(args.scope);
+			const entry = await new ContextRepository(payload.dineway.db).supersede(args.id, {
+				scope: args.scope,
+				contextType: args.context_type,
+				title: args.title,
+				body: args.body,
+				tags: args.tags,
+				policyKey: args.policy_key,
+				sourceActivityId: args.source_activity_id,
+				validUntil: args.valid_until,
+				createdByActorType: actor.actorType,
+				createdByActorId: actor.actorId,
+				createdAuthMetadata: actor.authMetadata
+			});
+			if (!entry) return errorResult(`Context entry not found: ${args.id}`);
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "context.superseded",
+				subjectType: "context_entry",
+				subjectId: entry.id,
+				scope: entry.scope,
+				sourceType: "mcp_tool",
+				sourceName: "context_supersede",
+				summary: `Superseded context entry ${args.id}`,
+				detail: {
+					supersedesId: args.id,
+					replacementId: entry.id,
+					contextType: entry.contextType,
+					policyKey: entry.policyKey
+				}
+			});
+			return jsonResult({ item: toPublicContextEntry(entry) });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_review", {
+		title: "Review Context Entry",
+		description: "Mark a current context entry reviewed and optionally extend its validity.",
+		inputSchema: z.object({
+			id: z.string(),
+			review_note: z.string().optional(),
+			valid_until: z.string().optional()
+		})
+	}, async (args, extra) => {
+		requireContextWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		const entry = await new ContextRepository(payload.dineway.db).review(args.id, {
+			reviewedByActorType: actor.actorType,
+			reviewedByActorId: actor.actorId,
+			reviewNote: args.review_note,
+			validUntil: args.valid_until
+		});
+		if (!entry) return errorResult(`Context entry not found: ${args.id}`);
+		await logSiteActivitySafely(payload.dineway.db, locals, {
+			actionType: "context.reviewed",
+			subjectType: "context_entry",
+			subjectId: entry.id,
+			scope: entry.scope,
+			sourceType: "mcp_tool",
+			sourceName: "context_review",
+			summary: `Reviewed context entry ${entry.title}`,
+			detail: {
+				contextType: entry.contextType,
+				validUntil: entry.validUntil
+			}
+		});
+		return jsonResult({ item: toPublicContextEntry(entry) });
+	});
+	server.registerTool("context_stale", {
+		title: "List Stale Context Entries",
+		description: "List current context entries whose valid_until timestamp has passed.",
+		inputSchema: z.object({
+			scope: z.string().optional(),
+			include_inherited: z.boolean().optional(),
+			context_types: z.array(z.enum(SITE_CONTEXT_TYPES)).optional(),
+			tags: z.array(z.string()).optional(),
+			now: z.string().optional(),
+			limit: z.number().int().min(1).max(100).optional(),
+			cursor: z.string().optional()
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireContextRead(extra);
+		try {
+			return jsonResult(toPublicContextEntryPage(await new ContextRepository(getDineway(extra).db).listStale({
+				scopes: scopesFromContextToolArgs(args.scope, args.include_inherited),
+				contextTypes: args.context_types,
+				tags: args.tags,
+				now: args.now,
+				limit: args.limit,
+				cursor: args.cursor
+			})));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("context_diff", {
+		title: "Diff Context Entries",
+		description: "Return context entries that are new, superseded, stale, or reviewed since a timestamp.",
+		inputSchema: z.object({
+			since: z.string().describe("ISO timestamp lower bound."),
+			scope: z.string().optional(),
+			include_inherited: z.boolean().optional(),
+			now: z.string().optional()
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireContextRead(extra);
+		try {
+			return jsonResult(toPublicContextDiff(await new ContextRepository(getDineway(extra).db).diff({
+				scopes: scopesFromContextToolArgs(args.scope, args.include_inherited),
+				since: args.since,
+				now: args.now
+			})));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("review_request_submit", {
+		title: "Submit Review Request",
+		description: "Submit a lightweight content review request before executing a gated publish action. Provide either an exact content id/slug plus collection, or a fuzzy content entity_query. Resolved targets create a bound review request; ambiguous or missing matches return a structured result without creating a review request.",
+		inputSchema: z.object({
+			collection: z.string().optional().describe("Collection slug, or an optional content collection hint when using entity_query."),
+			id: z.string().optional().describe("Exact content item id or slug. Required unless entity_query is provided."),
+			entity_query: z.string().optional().describe("Fuzzy content reference to resolve before submitting the publish review request."),
+			entity_limit: z.number().int().min(1).max(10).optional().describe("Max ambiguity candidates to return when entity_query does not resolve cleanly."),
+			action_type: z.enum(["content.publish"]).optional().describe("Action requiring review. Defaults to content.publish."),
+			risk_reason: z.string().optional().describe("Reason this action needs review."),
+			summary: z.string().optional().describe("Human-readable review summary.")
+		})
+	}, async (args, extra) => {
+		requireReviewSubmit(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		try {
+			const target = await resolveReviewRequestSubmitTarget(payload, args);
+			if (target.status !== "ready") return jsonResult(target);
+			const existing = await payload.dineway.handleContentGet(target.collection, target.id);
+			if (!existing.success) return unwrap(existing);
+			requireOwnership(extra, extractContentAuthorId(existing.data), "content:publish_own", "content:publish_any");
+			const resolvedId = extractContentId(existing.data) ?? target.id;
+			const built = await new ReviewPayloadBuilder(payload.dineway).buildContentReviewPayload({
+				collection: target.collection,
+				id: resolvedId,
+				actionType: args.action_type,
+				summary: args.summary
+			});
+			const request = await new ReviewRequestRepository(payload.dineway.db).create({
+				collection: built.collection,
+				entryId: built.entryId,
+				scope: built.scope,
+				liveRevisionId: built.liveRevisionId,
+				draftRevisionId: built.draftRevisionId,
+				reviewedRev: built.reviewedRev,
+				actionType: built.actionType,
+				actionHash: built.actionHash,
+				riskReason: args.risk_reason,
+				reviewPayload: built.reviewPayload,
+				requestedByActorType: actor.actorType,
+				requestedByActorId: actor.actorId,
+				requestedAuthMetadata: actor.authMetadata
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "review.submitted",
+				subjectType: "review_request",
+				subjectId: request.id,
+				scope: request.scope,
+				sourceType: "mcp_tool",
+				sourceName: "review_request_submit",
+				resultStatus: "pending",
+				summary: `Submitted review request for ${request.actionType}`,
+				detail: {
+					collection: request.collection,
+					entryId: request.entryId,
+					actionType: request.actionType,
+					actionHash: request.actionHash,
+					riskReason: request.riskReason
+				}
+			});
+			return jsonResult({
+				status: "submitted",
+				request
+			});
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("review_request_check", {
+		title: "Check Review Request",
+		description: "Check a lightweight review request by id.",
+		inputSchema: z.object({ id: z.string().describe("Review request id.") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireReviewRead(extra);
+		const request = await new ReviewRequestRepository(getDineway(extra).db).findById(args.id);
+		return request ? jsonResult({ request }) : errorResult(`Review request not found: ${args.id}`);
+	});
+	server.registerTool("review_request_resolve", {
+		title: "Resolve Review Request",
+		description: "Approve or reject a pending lightweight review request.",
+		inputSchema: z.object({
+			id: z.string().describe("Review request id."),
+			decision: z.enum(["approved", "rejected"]).describe("Human review decision."),
+			review_note: z.string().optional().describe("Optional review note.")
+		})
+	}, async (args, extra) => {
+		requireReviewResolve(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		const request = await new ReviewRequestRepository(payload.dineway.db).resolve(args.id, {
+			decision: args.decision,
+			resolvedByActorType: actor.actorType,
+			resolvedByActorId: actor.actorId,
+			resolvedAuthMetadata: actor.authMetadata,
+			reviewNote: args.review_note
+		});
+		if (!request) return errorResult(`Review request not found or already resolved: ${args.id}`);
+		await logSiteActivitySafely(payload.dineway.db, locals, {
+			actionType: args.decision === "approved" ? "review.approved" : "review.rejected",
+			subjectType: "review_request",
+			subjectId: request.id,
+			scope: request.scope,
+			sourceType: "mcp_tool",
+			sourceName: "review_request_resolve",
+			summary: `${args.decision === "approved" ? "Approved" : "Rejected"} review request ${request.id}`,
+			detail: {
+				collection: request.collection,
+				entryId: request.entryId,
+				actionType: request.actionType,
+				actionHash: request.actionHash,
+				reviewNote: request.reviewNote
+			}
+		});
+		return jsonResult({ request });
+	});
+	server.registerTool("assignment_create", {
+		title: "Create Assignment",
+		description: experimentalWorkflowDescription("Create a workflow assignment attached to a Dineway scope. Assignments are durable human-agent handoffs and must use explicit lifecycle transitions instead of ad hoc status patches."),
+		inputSchema: z.object({
+			scope: z.string().describe("Assignment scope string."),
+			assignment_type: z.string().describe("Workflow-specific assignment type label."),
+			title: z.string().describe("Short assignment title."),
+			summary: z.string().optional().describe("Optional short summary."),
+			details: z.string().optional().describe("Optional detailed handoff or execution brief."),
+			priority: z.enum(ASSIGNMENT_PRIORITIES).optional().describe("Assignment priority."),
+			assigned_to_actor_type: z.enum(ASSIGNMENT_ACTOR_TYPES).describe("Actor type for the assignee."),
+			assigned_to_actor_id: z.string().describe("Actor id for the assignee."),
+			due_at: z.string().optional().describe("Optional ISO due timestamp."),
+			related_handoff_snapshot_id: z.string().optional().describe("Optional handoff snapshot id linked to this assignment."),
+			metadata: z.record(z.string(), z.unknown()).optional().describe("Optional non-secret workflow metadata.")
+		})
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const assignment = await new AssignmentService(payload.dineway.db).create(workflowActorContext(payload), {
+				scope: args.scope,
+				assignmentType: args.assignment_type,
+				title: args.title,
+				summary: args.summary,
+				details: args.details,
+				priority: args.priority,
+				assignedToActorType: args.assigned_to_actor_type,
+				assignedToActorId: args.assigned_to_actor_id,
+				dueAt: args.due_at,
+				relatedHandoffSnapshotId: args.related_handoff_snapshot_id,
+				metadata: args.metadata
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.created",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Created assignment ${assignment.title}`,
+				detail: {
+					assignmentType: assignment.assignmentType,
+					priority: assignment.priority,
+					assignedToActorType: assignment.assignedToActorType,
+					assignedToActorId: assignment.assignedToActorId
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_get", {
+		title: "Get Assignment",
+		description: experimentalWorkflowDescription("Fetch one workflow assignment by id."),
+		inputSchema: z.object({ id: z.string().describe("Assignment id.") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireWorkflowRead(extra);
+		const payload = getExtra(extra);
+		try {
+			const assignment = await new AssignmentService(payload.dineway.db).get(args.id, workflowActorContext(payload));
+			return assignment ? jsonResult({ assignment }) : errorResult(`Assignment not found: ${args.id}`);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_list", {
+		title: "List Assignments",
+		description: experimentalWorkflowDescription("List workflow assignments visible to the current actor. Non-editor actors are automatically limited to assignments they assigned or were assigned."),
+		inputSchema: z.object({
+			scope: z.string().optional().describe("Optional exact scope filter."),
+			statuses: z.array(z.enum(ASSIGNMENT_STATUSES)).optional().describe("Optional assignment status filters."),
+			priority: z.enum(ASSIGNMENT_PRIORITIES).optional().describe("Optional priority filter."),
+			assignment_type: z.string().optional().describe("Optional assignment type filter."),
+			assigned_to_me: z.boolean().optional().describe("Restrict to assignments currently assigned to the current actor."),
+			assigned_by_me: z.boolean().optional().describe("Restrict to assignments created by the current actor."),
+			since: z.string().optional().describe("Optional ISO updated_at lower bound."),
+			limit: z.number().int().min(1).max(100).optional().describe("Page size. Defaults to 50."),
+			cursor: z.string().optional().describe("Pagination cursor.")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireWorkflowRead(extra);
+		const payload = getExtra(extra);
+		try {
+			return jsonResult(await new AssignmentService(payload.dineway.db).list(workflowActorContext(payload), {
+				scope: args.scope,
+				statuses: args.statuses,
+				priority: args.priority,
+				assignmentType: args.assignment_type,
+				assignedToMe: args.assigned_to_me,
+				assignedByMe: args.assigned_by_me,
+				since: args.since,
+				limit: args.limit,
+				cursor: args.cursor
+			}));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_accept", {
+		title: "Accept Assignment",
+		description: experimentalWorkflowDescription("Accept a pending workflow assignment."),
+		inputSchema: z.object({ id: z.string().describe("Assignment id.") })
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.accept({
+				id: args.id,
+				actor: workflowActorContext(payload)
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.accepted",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Accepted assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_start", {
+		title: "Start Assignment",
+		description: experimentalWorkflowDescription("Move an assignment into in_progress. When the assignment is currently blocked, this acts as the validated resume transition."),
+		inputSchema: z.object({ id: z.string().describe("Assignment id.") })
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.start({
+				id: args.id,
+				actor: workflowActorContext(payload)
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: before.status === "blocked" ? "assignment.resumed" : "assignment.started",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: before.status === "blocked" ? `Resumed assignment ${assignment.title}` : `Started assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_complete", {
+		title: "Complete Assignment",
+		description: experimentalWorkflowDescription("Mark a workflow assignment complete."),
+		inputSchema: z.object({
+			id: z.string().describe("Assignment id."),
+			completion_note: z.string().optional().describe("Optional completion note.")
+		})
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.complete({
+				id: args.id,
+				actor: workflowActorContext(payload),
+				reason: args.completion_note
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.completed",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Completed assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status,
+					completionNote: args.completion_note
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_decline", {
+		title: "Decline Assignment",
+		description: experimentalWorkflowDescription("Decline a workflow assignment."),
+		inputSchema: z.object({
+			id: z.string().describe("Assignment id."),
+			reason: z.string().optional().describe("Optional decline reason.")
+		})
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.decline({
+				id: args.id,
+				actor: workflowActorContext(payload),
+				reason: args.reason
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.declined",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Declined assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status,
+					reason: args.reason
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_block", {
+		title: "Block Assignment",
+		description: experimentalWorkflowDescription("Mark a workflow assignment blocked and record why."),
+		inputSchema: z.object({
+			id: z.string().describe("Assignment id."),
+			reason: z.string().optional().describe("Optional blocking reason.")
+		})
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.block({
+				id: args.id,
+				actor: workflowActorContext(payload),
+				reason: args.reason
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.blocked",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Blocked assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status,
+					reason: args.reason
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("assignment_cancel", {
+		title: "Cancel Assignment",
+		description: experimentalWorkflowDescription("Cancel a workflow assignment that should no longer continue."),
+		inputSchema: z.object({
+			id: z.string().describe("Assignment id."),
+			reason: z.string().optional().describe("Optional cancellation reason.")
+		})
+	}, async (args, extra) => {
+		requireWorkflowWrite(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new AssignmentService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`Assignment not found: ${args.id}`);
+			const assignment = await service.cancel({
+				id: args.id,
+				actor: workflowActorContext(payload),
+				reason: args.reason
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "assignment.cancelled",
+				subjectType: "assignment",
+				subjectId: assignment.id,
+				scope: assignment.scope,
+				summary: `Cancelled assignment ${assignment.title}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: assignment.status,
+					reason: args.reason
+				}
+			});
+			return jsonResult({ assignment });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("hitl_request_submit", {
+		title: "Submit HITL Request",
+		description: experimentalWorkflowDescription("Submit a generic human-in-the-loop approval request for a high-risk non-content action. This stores the structured review payload, target ref, optional assignment/handoff links, and waits for a human decision."),
+		inputSchema: z.object({
+			scope: z.string().describe("Scope string: site, collection:{slug}, content:{collection}:{id}, or plugin:{id}."),
+			action_type: z.string().describe("High-risk action label such as plugin.enable or schema.delete_field."),
+			title: z.string().describe("Short reviewer-facing title."),
+			summary: z.string().optional().describe("Optional reviewer-facing summary."),
+			risk_reason: z.string().describe("Reason this action requires human approval."),
+			review_payload: z.record(z.string(), z.unknown()).describe("Structured human-readable review payload."),
+			target_ref_type: z.string().describe("Target ref type, such as plugin, collection, menu, or site."),
+			target_ref_id: z.string().describe("Target ref id or stable key."),
+			priority: z.enum(HITL_REQUEST_PRIORITIES).optional().describe("Optional priority. Defaults to normal."),
+			metadata: z.record(z.string(), z.unknown()).optional().describe("Optional non-secret routing metadata."),
+			related_assignment_id: z.string().optional().describe("Optional linked assignment id."),
+			related_handoff_snapshot_id: z.string().optional().describe("Optional linked handoff snapshot id."),
+			sla_due_at: z.string().optional().describe("Optional ISO timestamp for later SLA handling.")
+		})
+	}, async (args, extra) => {
+		requireHitlSubmit(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const request = await new HitlRequestService(payload.dineway.db).create(workflowActorContext(payload), {
+				scope: args.scope,
+				actionType: args.action_type,
+				title: args.title,
+				summary: args.summary,
+				riskReason: args.risk_reason,
+				reviewPayload: args.review_payload,
+				targetRefType: args.target_ref_type,
+				targetRefId: args.target_ref_id,
+				priority: args.priority,
+				metadata: args.metadata,
+				relatedAssignmentId: args.related_assignment_id,
+				relatedHandoffSnapshotId: args.related_handoff_snapshot_id,
+				slaDueAt: args.sla_due_at
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "hitl.submitted",
+				subjectType: "hitl_request",
+				subjectId: request.id,
+				scope: request.scope,
+				summary: `Submitted HITL request for ${request.actionType}`,
+				detail: {
+					actionType: request.actionType,
+					targetRefType: request.targetRefType,
+					targetRefId: request.targetRefId,
+					priority: request.priority,
+					riskReason: request.riskReason,
+					relatedAssignmentId: request.relatedAssignmentId
+				}
+			});
+			return jsonResult({
+				status: "submitted",
+				request
+			});
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("hitl_request_get", {
+		title: "Get HITL Request",
+		description: experimentalWorkflowDescription("Get one generic HITL approval request by id."),
+		inputSchema: z.object({ id: z.string().describe("HITL request id.") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireHitlRead(extra);
+		const payload = getExtra(extra);
+		try {
+			const request = await new HitlRequestService(payload.dineway.db).get(args.id, workflowActorContext(payload));
+			return request ? jsonResult({ request }) : errorResult(`HITL request not found: ${args.id}`);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("hitl_request_list", {
+		title: "List HITL Requests",
+		description: experimentalWorkflowDescription("List generic HITL approval requests. Non-editor actors only see requests they submitted; editors can inspect all matching requests."),
+		inputSchema: z.object({
+			scope: z.string().optional().describe("Optional scope string: site, collection:{slug}, content:{collection}:{id}, or plugin:{id}."),
+			include_inherited: z.boolean().optional().describe("Include ancestor scopes when scope is provided. Defaults to false."),
+			statuses: z.array(z.enum(HITL_REQUEST_STATUSES)).optional().describe("Optional status filter."),
+			action_type: z.string().optional().describe("Optional action type filter."),
+			priority: z.enum(HITL_REQUEST_PRIORITIES).optional().describe("Optional priority filter."),
+			target_ref_type: z.string().optional().describe("Optional target ref type filter."),
+			target_ref_id: z.string().optional().describe("Optional target ref id filter."),
+			related_assignment_id: z.string().optional().describe("Optional related assignment id filter."),
+			since: z.string().optional().describe("Optional updated_at lower bound ISO timestamp."),
+			limit: z.number().int().min(1).max(100).optional().describe("Maximum rows to return."),
+			cursor: z.string().optional().describe("Opaque pagination cursor.")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireHitlRead(extra);
+		const payload = getExtra(extra);
+		try {
+			return jsonResult(await new HitlRequestService(payload.dineway.db).list(workflowActorContext(payload), {
+				scope: args.include_inherited ? void 0 : args.scope,
+				scopes: scopesFromContextToolArgs(args.scope, args.include_inherited),
+				statuses: args.statuses,
+				actionType: args.action_type,
+				priority: args.priority,
+				targetRefType: args.target_ref_type,
+				targetRefId: args.target_ref_id,
+				relatedAssignmentId: args.related_assignment_id,
+				since: args.since,
+				limit: args.limit,
+				cursor: args.cursor
+			}));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("hitl_request_resolve", {
+		title: "Resolve HITL Request",
+		description: experimentalWorkflowDescription("Approve or reject a pending generic HITL request as an editor or admin reviewer."),
+		inputSchema: z.object({
+			id: z.string().describe("HITL request id."),
+			decision: z.enum(["approved", "rejected"]).describe("Review decision."),
+			review_note: z.string().optional().describe("Optional reviewer note.")
+		})
+	}, async (args, extra) => {
+		requireHitlResolve(extra);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		try {
+			const service = new HitlRequestService(payload.dineway.db);
+			const before = await service.get(args.id, workflowActorContext(payload));
+			if (!before) return errorResult(`HITL request not found: ${args.id}`);
+			const request = await service.resolve({
+				id: args.id,
+				actor: workflowActorContext(payload),
+				decision: args.decision,
+				reviewNote: args.review_note
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: args.decision === "approved" ? "hitl.approved" : "hitl.rejected",
+				subjectType: "hitl_request",
+				subjectId: request.id,
+				scope: request.scope,
+				summary: `${args.decision === "approved" ? "Approved" : "Rejected"} HITL request ${request.id}`,
+				detail: {
+					beforeStatus: before.status,
+					afterStatus: request.status,
+					actionType: request.actionType,
+					targetRefType: request.targetRefType,
+					targetRefId: request.targetRefId,
+					reviewNote: request.reviewNote
+				}
+			});
+			return jsonResult({ request });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("actor_expertise", {
+		title: "Actor Expertise",
+		description: experimentalWorkflowDescription("Inspect expertise derived from activity, current context authorship, and review-request history without requiring a separate actors table."),
+		inputSchema: z.discriminatedUnion("mode", [z.object({
+			mode: z.literal("by_scope"),
+			scope: z.string().describe("Scope string: site, collection:{slug}, content:{collection}:{id}, or plugin:{id}."),
+			include_inherited: z.boolean().optional().describe("Include ancestor scopes in the expertise ranking. Defaults to true."),
+			limit: z.number().int().min(1).max(100).optional().describe("Maximum experts to return. Defaults to 10.")
+		}), z.object({
+			mode: z.literal("by_actor"),
+			actor_type: z.enum(ACTOR_EXPERTISE_ACTOR_TYPES).describe("Actor type: user, api_token, or system."),
+			actor_id: z.string().describe("Actor id to summarize."),
+			limit: z.number().int().min(1).max(100).optional().describe("Maximum readable scopes to return. Defaults to 10.")
+		})]),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		const payload = getExtra(extra);
+		const service = new ActorExpertiseService({ db: payload.dineway.db });
+		if (args.mode === "by_scope") {
+			requireExpertiseScope(extra, args.scope);
+			return jsonResult(await service.findByScope({
+				scope: args.scope,
+				includeInherited: args.include_inherited,
+				limit: args.limit
+			}));
+		}
+		requireExpertiseRead(extra);
+		const result = await service.findByActor({
+			actorType: args.actor_type,
+			actorId: args.actor_id
+		});
+		const limit = Math.min(Math.max(1, args.limit ?? 10), 100);
+		const scopes = result.scopes.filter((item) => scopeReadableForExpertise(payload, item.scope));
+		const counts = scopes.reduce((accumulator, item) => ({
+			contextEntries: accumulator.contextEntries + item.counts.contextEntries,
+			reviewRequests: accumulator.reviewRequests + item.counts.reviewRequests,
+			activities: accumulator.activities + item.counts.activities,
+			total: accumulator.total + item.counts.total
+		}), {
+			contextEntries: 0,
+			reviewRequests: 0,
+			activities: 0,
+			total: 0
+		});
+		return jsonResult({
+			...result,
+			counts,
+			scopes: scopes.slice(0, limit)
+		});
+	});
+	server.registerTool("agent_handoff_capture", {
+		title: "Capture Agent Handoff",
+		description: experimentalWorkflowDescription("Capture the current agent objective, reasoning, findings, touched objects, and pending actions before pausing or handing work off."),
+		inputSchema: z.object({
+			scope: z.string().describe("Scope string: site, collection:{slug}, content:{collection}:{id}, or plugin:{id}."),
+			objective: z.string().min(1).describe("Current objective or outcome the agent was pursuing."),
+			reasoning: z.string().min(1).describe("Concise summary of what was found, decided, or blocked at the handoff point."),
+			key_findings: z.array(z.object({
+				summary: z.string().min(1),
+				confidence: z.number().min(0).max(1).optional(),
+				evidence_type: z.enum([
+					"context_entry",
+					"review_request",
+					"activity"
+				]).optional(),
+				evidence_id: z.string().optional()
+			})).optional().describe("Important findings or conclusions with optional evidence references."),
+			touched_objects: z.array(z.object({
+				entity_type: z.string().min(1),
+				id: z.string().min(1),
+				label: z.string().optional(),
+				collection: z.string().optional(),
+				scope: z.string().optional()
+			})).optional().describe("Objects already inspected or modified during this workflow."),
+			pending_actions: z.array(z.object({
+				action_type: z.string().min(1),
+				summary: z.string().min(1),
+				status: z.enum([
+					"pending",
+					"blocked",
+					"waiting_on_review"
+				]).optional(),
+				scope: z.string().optional()
+			})).optional().describe("Concrete next actions or blockers left unresolved."),
+			tool_evidence: z.array(z.object({
+				tool_name: z.string().min(1),
+				args_summary: z.string().optional(),
+				result_summary: z.string().optional()
+			})).optional().describe("Non-secret summaries of the key tools used to reach this state."),
+			confidence: z.number().min(0).max(1).optional().describe("Optional self-assessed confidence in the current reasoning state."),
+			handoff_kind: z.enum(HANDOFF_KINDS).optional().describe("Why the work is being paused or handed off. Defaults to pause."),
+			reference_type: z.enum(HANDOFF_REFERENCE_TYPES).optional().describe("Optional linked review request or assignment type."),
+			reference_id: z.string().optional().describe("Optional linked review request or assignment id.")
+		})
+	}, async (args, extra) => {
+		requireHandoffScope(extra, args.scope);
+		const payload = getExtra(extra);
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		const store = new HandoffSnapshotStore({ db: payload.dineway.db });
+		try {
+			const snapshot = await store.capture({
+				scope: args.scope,
+				actorType: actor.actorType,
+				actorId: actor.actorId,
+				authMetadata: actor.authMetadata,
+				objective: args.objective,
+				reasoning: args.reasoning,
+				keyFindings: args.key_findings?.map((item) => ({
+					summary: item.summary,
+					confidence: item.confidence,
+					evidenceType: item.evidence_type,
+					evidenceId: item.evidence_id
+				})),
+				touchedObjects: args.touched_objects?.map((item) => ({
+					entityType: item.entity_type,
+					id: item.id,
+					label: item.label,
+					collection: item.collection,
+					scope: item.scope
+				})),
+				pendingActions: args.pending_actions?.map((item) => ({
+					actionType: item.action_type,
+					summary: item.summary,
+					status: item.status,
+					scope: item.scope
+				})),
+				toolEvidence: args.tool_evidence?.map((item) => ({
+					toolName: item.tool_name,
+					argsSummary: item.args_summary,
+					resultSummary: item.result_summary
+				})),
+				confidence: args.confidence,
+				handoffKind: args.handoff_kind,
+				referenceType: args.reference_type,
+				referenceId: args.reference_id
+			});
+			await logSiteActivitySafely(payload.dineway.db, locals, {
+				actionType: "handoff.captured",
+				subjectType: "handoff_snapshot",
+				subjectId: snapshot.id,
+				scope: snapshot.scope,
+				summary: `Captured ${snapshot.handoffKind} handoff snapshot`,
+				detail: {
+					handoffKind: snapshot.handoffKind,
+					referenceType: snapshot.referenceType,
+					referenceId: snapshot.referenceId,
+					objective: snapshot.objective
+				}
+			});
+			return jsonResult({ snapshot });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("agent_handoff_resume", {
+		title: "Resume Agent Handoff",
+		description: experimentalWorkflowDescription("Resume from a stored handoff snapshot and return a deterministic diff of activity, context, and review changes since capture time."),
+		inputSchema: z.object({
+			snapshot_id: z.string().describe("Handoff snapshot id returned by agent_handoff_capture."),
+			activity_limit: z.number().int().min(1).max(100).optional().describe("Maximum activity rows to include in the diff. Defaults to 25."),
+			review_limit: z.number().int().min(1).max(100).optional().describe("Maximum review request rows to include in the diff. Defaults to 25.")
+		})
+	}, async (args, extra) => {
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const store = new HandoffSnapshotStore({ db: payload.dineway.db });
+		try {
+			const snapshot = await store.get(args.snapshot_id);
+			if (!snapshot) return errorResult(`Handoff snapshot not found: ${args.snapshot_id}`);
+			requireHandoffScope(extra, snapshot.scope);
+			const existing = await store.resume({
+				id: args.snapshot_id,
+				permissions: { canReadContent: contentDiffReadableForHandoff(payload) },
+				activityLimit: args.activity_limit,
+				reviewLimit: args.review_limit
+			});
+			if (!existing) return errorResult(`Handoff snapshot not found: ${args.snapshot_id}`);
+			await logSiteActivitySafely(payload.dineway.db, actorLocals(payload), {
+				actionType: "handoff.resumed",
+				subjectType: "handoff_snapshot",
+				subjectId: existing.snapshot.id,
+				scope: existing.snapshot.scope,
+				summary: `Resumed ${existing.snapshot.handoffKind} handoff snapshot`,
+				detail: {
+					handoffKind: existing.snapshot.handoffKind,
+					referenceType: existing.snapshot.referenceType,
+					referenceId: existing.snapshot.referenceId,
+					resumedAt: existing.resumedAt
+				}
+			});
+			return jsonResult(existing);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("content_list", {
+		title: "List Content",
+		description: "List content items in a collection with optional filtering and pagination. Returns items sorted by the specified field. Use the nextCursor value from the response to fetch the next page. Status can be 'draft', 'published', or 'scheduled'. If no status is given, all non-trashed items are returned.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug (e.g. 'posts', 'pages')"),
+			status: z.enum([
+				"draft",
+				"published",
+				"scheduled"
+			]).optional().describe("Filter by content status"),
+			limit: z.number().int().min(1).max(100).optional().describe("Max items to return (default 50, max 100)"),
+			cursor: z.string().optional().describe("Pagination cursor from a previous response"),
+			orderBy: z.string().optional().describe("Field to sort by (e.g. 'created_at', 'updated_at')"),
+			order: z.enum(["asc", "desc"]).optional().describe("Sort direction (default 'desc')"),
+			locale: z.string().optional().describe("Filter by locale (e.g. 'en', 'fr'). Only relevant when i18n is enabled.")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		const status = canReadDrafts(extra) ? args.status : "published";
+		return unwrap(await ec.handleContentList(args.collection, {
+			status,
+			limit: args.limit,
+			cursor: args.cursor,
+			orderBy: args.orderBy,
+			order: args.order,
+			locale: args.locale
+		}));
+	});
+	server.registerTool("content_get", {
+		title: "Get Content",
+		description: "Get a single content item by its ID or slug. Returns the full content data including all field values, metadata, and a _rev token for optimistic concurrency (pass _rev back when updating to detect conflicts).",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug (e.g. 'posts', 'pages')"),
+			id: z.string().describe("Content item ID (ULID) or slug"),
+			locale: z.string().optional().describe("Locale to scope slug lookup (e.g. 'fr'). Only affects slug resolution; IDs are globally unique.")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const result = await getDineway(extra).handleContentGet(args.collection, args.id, args.locale);
+		if (result.success && !canReadDrafts(extra)) {
+			const data = result.data && typeof result.data === "object" ? result.data : {};
+			if (!isPublishedRecord("item" in data ? data.item : data)) return errorResult("Content not found");
+		}
+		return unwrap(result);
+	});
+	server.registerTool("content_create", {
+		title: "Create Content",
+		description: "Create a new content item in a collection. The 'data' object should contain field values matching the collection's schema (use schema_get_collection to check). Rich text fields accept Portable Text JSON arrays. A slug is auto-generated if not provided. Items are created as 'draft' by default — use content_publish to make them live.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug (e.g. 'posts', 'pages')"),
+			data: z.record(z.string(), z.unknown()).describe("Field values as key-value pairs matching the collection schema"),
+			slug: z.string().optional().describe("URL slug (auto-generated from title if omitted)"),
+			status: z.enum(["draft", "published"]).optional().describe("Initial status (default 'draft'). Requires publish permission."),
+			locale: z.string().optional().describe("Locale for this content (e.g. 'fr'). Defaults to default locale."),
+			translationOf: z.string().optional().describe("ID of the content item this is a translation of. Links items in the same translation group.")
+		}),
+		annotations: { destructiveHint: false }
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.CONTRIBUTOR);
+		const payload = getExtra(extra);
+		const { dineway, userId } = payload;
+		const locals = actorLocals(payload);
+		if (args.translationOf) {
+			const source = await dineway.handleContentGet(args.collection, args.translationOf);
+			if (!source.success) return unwrap(source);
+			requireOwnership(extra, extractContentAuthorId(source.data), "content:edit_own", "content:edit_any");
+		}
+		if (args.status === "published") {
+			if (!hasPermission({
+				id: userId,
+				role: getExtra(extra).userRole
+			}, "content:publish_own")) throw new McpError(ErrorCode.InvalidRequest, "Insufficient permissions: publishing requires content:publish_own");
+			if (contentPublishReviewRequired(extra)) throw new McpError(ErrorCode.InvalidRequest, "Token-authenticated content creation with immediate publish is review-gated. Create a draft first, submit review_request_submit, resolve it as approved, then call content_publish with review_request_id.");
+			const result = await dineway.handleContentCreate(args.collection, {
+				data: args.data,
+				slug: args.slug,
+				authorId: userId,
+				locale: args.locale,
+				translationOf: args.translationOf
+			});
+			if (!result.success) return unwrap(result);
+			const itemId = extractContentId(result.data);
+			if (itemId) {
+				await logMcpContentActivity(dineway, locals, args.collection, itemId, "created", "content_create", {
+					changedFields: activityChangedKeys(args.data),
+					slugProvided: args.slug !== void 0,
+					locale: args.locale ?? null,
+					translationOf: args.translationOf ?? null
+				});
+				const publishResult = await dineway.handleContentPublish(args.collection, itemId);
+				if (publishResult.success) await logMcpContentActivity(dineway, locals, args.collection, itemId, "published", "content_create");
+				return unwrap(publishResult);
+			}
+			return unwrap(result);
+		}
+		const result = await dineway.handleContentCreate(args.collection, {
+			data: args.data,
+			slug: args.slug,
+			authorId: userId,
+			locale: args.locale,
+			translationOf: args.translationOf
+		});
+		if (result.success) {
+			const itemId = extractContentId(result.data);
+			if (itemId) await logMcpContentActivity(dineway, locals, args.collection, itemId, "created", "content_create", {
+				changedFields: activityChangedKeys(args.data),
+				slugProvided: args.slug !== void 0,
+				locale: args.locale ?? null,
+				translationOf: args.translationOf ?? null
+			});
+		}
+		return unwrap(result);
+	});
+	server.registerTool("content_update", {
+		title: "Update Content",
+		description: "Update an existing content item. Only include fields you want to change in the 'data' object — unspecified fields are left unchanged. Pass the _rev token from content_get to enable optimistic concurrency checking (the update fails if the item was modified since you read it). `seo` and `bylines` are persisted alongside field updates. `publishedAt` requires content:publish_any permission and is useful for content imports.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug"),
+			data: z.record(z.string(), z.unknown()).optional().describe("Field values to update (only include changed fields)"),
+			slug: z.string().optional().describe("New URL slug"),
+			status: z.enum(["draft", "published"]).optional().describe("New status. Setting to 'published' requires publish permission. Setting to 'draft' unpublishes the item and also requires publish permission."),
+			seo: contentSeoInput.optional().describe("Per-content SEO metadata. Only valid for collections with SEO enabled."),
+			bylines: z.array(contentBylineInputSchema).optional().describe("Replace the byline list for this item. The first entry becomes the primary byline."),
+			publishedAt: z.iso.datetime({
+				offset: true,
+				message: "must be an ISO 8601 datetime"
+			}).nullish().describe("Override the publication timestamp. Requires content:publish_any permission. Pass null to clear."),
+			_rev: z.string().optional().describe("Revision token from content_get for conflict detection"),
+			review_request_id: z.string().optional().describe("Approved review request id required for token-authenticated content.publish actions.")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const { dineway, userId, userRole } = payload;
+		const locals = actorLocals(payload);
+		const existing = await dineway.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:edit_own", "content:edit_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const ownerId = extractContentAuthorId(existing.data);
+		if (args.publishedAt !== void 0) {
+			if (!hasPermission({
+				id: userId,
+				role: userRole
+			}, "content:publish_any")) return errorResult("[INSUFFICIENT_PERMISSIONS] Setting publishedAt requires content:publish_any permission");
+		}
+		const hasInlineUpdates = args.data || args.slug || args.seo !== void 0 || args.bylines !== void 0 || args.publishedAt !== void 0;
+		if (args.status === "published") {
+			requireOwnership(extra, ownerId, "content:publish_own", "content:publish_any");
+			if (contentPublishReviewRequired(extra) && hasInlineUpdates) throw new McpError(ErrorCode.InvalidRequest, "Token-authenticated publish with inline content changes is review-gated. Save the draft first, submit review_request_submit, resolve it as approved, then publish with review_request_id.");
+			if (hasInlineUpdates) {
+				const updateResult = await dineway.handleContentUpdate(args.collection, resolvedId, {
+					data: args.data,
+					slug: args.slug,
+					authorId: userId,
+					seo: args.seo,
+					bylines: args.bylines,
+					publishedAt: args.publishedAt,
+					_rev: args._rev
+				});
+				if (!updateResult.success) return unwrap(updateResult);
+				await logMcpContentActivity(dineway, locals, args.collection, resolvedId, "updated", "content_update", {
+					changedFields: activityChangedKeys(args.data),
+					slugChanged: args.slug !== void 0,
+					seoChanged: args.seo !== void 0,
+					bylinesChanged: args.bylines !== void 0,
+					publishedAtChanged: args.publishedAt !== void 0
+				});
+			}
+			await requireApprovedContentPublishReview(extra, args.collection, resolvedId, args.review_request_id);
+			const publishResult = await dineway.handleContentPublish(args.collection, resolvedId);
+			if (publishResult.success) await logMcpContentActivity(dineway, locals, args.collection, resolvedId, "published", "content_update", { reviewRequestId: args.review_request_id ?? null });
+			return unwrap(publishResult);
+		}
+		if (args.status === "draft") {
+			requireOwnership(extra, ownerId, "content:publish_own", "content:publish_any");
+			if (hasInlineUpdates) {
+				const updateResult = await dineway.handleContentUpdate(args.collection, resolvedId, {
+					data: args.data,
+					slug: args.slug,
+					authorId: userId,
+					seo: args.seo,
+					bylines: args.bylines,
+					publishedAt: args.publishedAt,
+					_rev: args._rev
+				});
+				if (!updateResult.success) return unwrap(updateResult);
+				await logMcpContentActivity(dineway, locals, args.collection, resolvedId, "updated", "content_update", {
+					changedFields: activityChangedKeys(args.data),
+					slugChanged: args.slug !== void 0,
+					seoChanged: args.seo !== void 0,
+					bylinesChanged: args.bylines !== void 0,
+					publishedAtChanged: args.publishedAt !== void 0
+				});
+			}
+			const unpublishResult = await dineway.handleContentUnpublish(args.collection, resolvedId);
+			if (unpublishResult.success) await logMcpContentActivity(dineway, locals, args.collection, resolvedId, "unpublished", "content_update");
+			return unwrap(unpublishResult);
+		}
+		const result = await dineway.handleContentUpdate(args.collection, resolvedId, {
+			data: args.data,
+			slug: args.slug,
+			authorId: userId,
+			seo: args.seo,
+			bylines: args.bylines,
+			publishedAt: args.publishedAt,
+			_rev: args._rev
+		});
+		if (result.success) await logMcpContentActivity(dineway, locals, args.collection, resolvedId, "updated", "content_update", {
+			changedFields: activityChangedKeys(args.data),
+			slugChanged: args.slug !== void 0,
+			seoChanged: args.seo !== void 0,
+			bylinesChanged: args.bylines !== void 0,
+			publishedAtChanged: args.publishedAt !== void 0
+		});
+		return unwrap(result);
+	});
+	server.registerTool("content_delete", {
+		title: "Delete Content (Trash)",
+		description: "Soft-delete a content item by moving it to the trash. The item can be restored later with content_restore, or permanently deleted with content_permanent_delete.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		}),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:delete_own", "content:delete_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const result = await ec.handleContentDelete(args.collection, resolvedId);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "deleted", "content_delete");
+		return unwrap(result);
+	});
+	server.registerTool("content_restore", {
+		title: "Restore Content",
+		description: "Restore a soft-deleted content item from the trash back to its previous state.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGetIncludingTrashed(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:edit_own", "content:edit_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const result = await ec.handleContentRestore(args.collection, resolvedId);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "restored", "content_restore");
+		return unwrap(result);
+	});
+	server.registerTool("content_permanent_delete", {
+		title: "Permanently Delete Content",
+		description: "Permanently and irreversibly delete a trashed content item. The item must be in the trash first (use content_delete). This cannot be undone.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		}),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.ADMIN);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGetIncludingTrashed(args.collection, args.id);
+		const resolvedId = existing.success ? extractContentId(existing.data) ?? args.id : args.id;
+		const result = await ec.handleContentPermanentDelete(args.collection, resolvedId);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "permanently_deleted", "content_permanent_delete");
+		return unwrap(result);
+	});
+	server.registerTool("content_publish", {
+		title: "Publish Content",
+		description: "Publish a content item, making it live on the site. Creates a published revision from the current draft. Further edits create a new draft without affecting the live version until re-published. Pass `publishedAt` to backdate imported or historical content; this requires content:publish_any.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug"),
+			publishedAt: z.iso.datetime({
+				offset: true,
+				message: "must be an ISO 8601 datetime"
+			}).optional().describe("Override publication timestamp. Requires content:publish_any permission."),
+			review_request_id: z.string().optional().describe("Approved review request id required for token-authenticated publish actions.")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const { dineway: ec, userId, userRole } = payload;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:publish_own", "content:publish_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		if (args.publishedAt !== void 0) {
+			if (!hasPermission({
+				id: userId,
+				role: userRole
+			}, "content:publish_any")) return errorResult("[INSUFFICIENT_PERMISSIONS] Setting publishedAt requires content:publish_any permission");
+		}
+		await requireApprovedContentPublishReview(extra, args.collection, resolvedId, args.review_request_id);
+		const result = await ec.handleContentPublish(args.collection, resolvedId, { publishedAt: args.publishedAt });
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "published", "content_publish", {
+			reviewRequestId: args.review_request_id ?? null,
+			publishedAt: args.publishedAt ?? null
+		});
+		return unwrap(result);
+	});
+	server.registerTool("content_unpublish", {
+		title: "Unpublish Content",
+		description: "Unpublish a content item, reverting it to draft status. It will no longer be visible on the live site but its content is preserved.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:publish_own", "content:publish_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const result = await ec.handleContentUnpublish(args.collection, resolvedId);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "unpublished", "content_unpublish");
+		return unwrap(result);
+	});
+	server.registerTool("content_schedule", {
+		title: "Schedule Content",
+		description: "Schedule a content item for future publication. It will be automatically published at the specified date/time. The scheduledAt value must be an ISO 8601 datetime string in the future (e.g. '2025-06-01T09:00:00Z').",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug"),
+			scheduledAt: z.string().describe("ISO 8601 datetime for publication (e.g. '2025-06-01T09:00:00Z')")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:publish_own", "content:publish_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const result = await ec.handleContentSchedule(args.collection, resolvedId, args.scheduledAt);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "scheduled", "content_schedule", { scheduledAt: args.scheduledAt });
+		return unwrap(result);
+	});
+	server.registerTool("content_compare", {
+		title: "Compare Live vs Draft",
+		description: "Compare the published (live) version of a content item with its current draft. Returns both versions and a flag indicating whether there are changes. Useful for reviewing unpublished edits before publishing.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		requireDraftAccess(extra);
+		return unwrap(await getDineway(extra).handleContentCompare(args.collection, args.id));
+	});
+	server.registerTool("content_discard_draft", {
+		title: "Discard Draft",
+		description: "Discard the current draft changes and revert to the last published version. Only works on items that have been published at least once.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		}),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const existing = await ec.handleContentGet(args.collection, args.id);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:edit_own", "content:edit_any");
+		const resolvedId = extractContentId(existing.data) ?? args.id;
+		const result = await ec.handleContentDiscardDraft(args.collection, resolvedId);
+		if (result.success) await logMcpContentActivity(ec, locals, args.collection, resolvedId, "draft_discarded", "content_discard_draft");
+		return unwrap(result);
+	});
+	server.registerTool("content_list_trashed", {
+		title: "List Trashed Content",
+		description: "List soft-deleted content items in a collection's trash. These items can be restored with content_restore or permanently deleted with content_permanent_delete.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			limit: z.number().int().min(1).max(100).optional().describe("Max items (default 50)"),
+			cursor: z.string().optional().describe("Pagination cursor")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		requireDraftAccess(extra);
+		return unwrap(await getDineway(extra).handleContentListTrashed(args.collection, {
+			limit: args.limit,
+			cursor: args.cursor
+		}));
+	});
+	server.registerTool("content_duplicate", {
+		title: "Duplicate Content",
+		description: "Create a copy of an existing content item. The duplicate is created as a draft with '(Copy)' appended to the title and an auto-generated slug.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug to duplicate")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.CONTRIBUTOR);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const result = await ec.handleContentDuplicate(args.collection, args.id);
+		if (result.success) {
+			const duplicatedId = extractContentId(result.data);
+			if (duplicatedId) await logMcpContentActivity(ec, locals, args.collection, duplicatedId, "duplicated", "content_duplicate", { sourceEntryId: args.id });
+		}
+		return unwrap(result);
+	});
+	server.registerTool("content_translations", {
+		title: "Get Content Translations",
+		description: "Get all locale variants of a content item. Returns the translation group and a summary of each locale version (id, locale, slug, status). Only relevant when i18n is enabled on the site.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const result = await getDineway(extra).handleContentTranslations(args.collection, args.id);
+		if (result.success && !canReadDrafts(extra)) {
+			const data = result.data && typeof result.data === "object" ? result.data : {};
+			const translations = "translations" in data && Array.isArray(data.translations) ? data.translations : [];
+			return unwrap({
+				success: true,
+				data: {
+					...data,
+					translations: translations.filter(isPublishedRecord)
+				}
+			});
+		}
+		return unwrap(result);
+	});
+	server.registerTool("schema_list_collections", {
+		title: "List Collections",
+		description: "List all content collections defined in the CMS. Each collection represents a content type (e.g. posts, pages, products) with its own schema and database table. Returns slug, label, supported features, and timestamps.",
+		inputSchema: z.object({}),
+		annotations: { readOnlyHint: true }
+	}, async (_args, extra) => {
+		requireScope(extra, "schema:read");
+		requireRole(extra, Role.EDITOR);
+		const ec = getDineway(extra);
+		try {
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			return jsonResult({ items: await new SchemaRegistry(ec.db).listCollections() });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("schema_get_collection", {
+		title: "Get Collection Schema",
+		description: "Get detailed info about a collection including all field definitions. Fields describe the data model: name, type (string, text, number, boolean, datetime, portableText, image, reference, json, select, multiSelect, slug), constraints, and validation rules. Use this to understand what data content_create and content_update expect.",
+		inputSchema: z.object({ slug: z.string().describe("Collection slug (e.g. 'posts'). Use schema_list_collections to see available slugs.") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "schema:read");
+		requireRole(extra, Role.EDITOR);
+		const ec = getDineway(extra);
+		try {
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			const collection = await new SchemaRegistry(ec.db).getCollectionWithFields(args.slug);
+			if (!collection) return errorResult(`Collection '${args.slug}' not found`);
+			return jsonResult(collection);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("schema_create_collection", {
+		title: "Create Collection",
+		description: "Create a new content collection (content type). This creates a database table and schema definition. The slug must be lowercase alphanumeric with underscores, starting with a letter. Supports: 'drafts' (draft/publish workflow), 'revisions' (version history), 'preview' (live preview), 'scheduling' (timed publish), 'search' (full-text indexing).",
+		inputSchema: z.object({
+			slug: z.string().regex(COLLECTION_SLUG_PATTERN).describe("Unique identifier (lowercase letters, numbers, underscores)"),
+			label: z.string().describe("Display name (plural, e.g. 'Blog Posts')"),
+			labelSingular: z.string().optional().describe("Singular display name (e.g. 'Blog Post')"),
+			description: z.string().optional().describe("Description of this collection"),
+			icon: z.string().optional().describe("Icon name for the admin UI"),
+			supports: z.array(z.enum([
+				"drafts",
+				"revisions",
+				"preview",
+				"scheduling",
+				"search"
+			])).optional().describe("Features to enable (default: ['drafts', 'revisions'])")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "schema:write");
+		requireRole(extra, Role.ADMIN);
+		const ec = getDineway(extra);
+		try {
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			const collection = await new SchemaRegistry(ec.db).createCollection({
+				slug: args.slug,
+				label: args.label,
+				labelSingular: args.labelSingular,
+				description: args.description,
+				icon: args.icon,
+				supports: args.supports
+			});
+			ec.invalidateManifest();
+			await logSchemaActivity(ec.db, actorLocals(getExtra(extra)), {
+				action: "collection_created",
+				collection: collection.slug,
+				...schemaMcpToolSource("collection_created"),
+				summary: `Created collection ${collection.slug}`,
+				detail: {
+					label: args.label,
+					labelSingular: args.labelSingular ?? null,
+					supports: args.supports ?? null
+				}
+			});
+			return jsonResult(collection);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("schema_delete_collection", {
+		title: "Delete Collection",
+		description: "Delete a collection and its database table. This is irreversible and deletes all content in the collection. Use with extreme caution.",
+		inputSchema: z.object({
+			slug: z.string().describe("Collection slug to delete"),
+			force: z.boolean().optional().describe("Force deletion even if the collection has content (default false)"),
+			hitl_request_id: z.string().optional().describe("Approved HITL request id required for API-token destructive schema actions.")
+		}),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "schema:write");
+		requireRole(extra, Role.ADMIN);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		try {
+			const action = await new SchemaHitlPayloadBuilder(ec.db).buildDeleteCollectionRequest({
+				slug: args.slug,
+				force: args.force
+			});
+			const decision = await new RiskPolicyEvaluator({
+				db: ec.db,
+				handlers: ec
+			}).evaluateWorkflowHitl({
+				actor,
+				hitlRequestId: args.hitl_request_id,
+				action
+			});
+			if (!decision.allowed) {
+				const { created, request } = await ensureWorkflowHitlRequest(extra, decision.action);
+				return jsonResult({
+					status: "hitl_required",
+					created,
+					message: decision.message,
+					request
+				});
+			}
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			await new SchemaRegistry(ec.db).deleteCollection(args.slug, { force: args.force });
+			ec.invalidateManifest();
+			await logSchemaActivity(ec.db, locals, {
+				action: "collection_deleted",
+				collection: args.slug,
+				...schemaMcpToolSource("collection_deleted"),
+				summary: `Deleted collection ${args.slug}`,
+				detail: {
+					force: args.force === true,
+					hitlRequestId: decision.required ? decision.hitlRequest.id : null
+				}
+			});
+			return jsonResult({ deleted: args.slug });
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("schema_create_field", {
+		title: "Add Field to Collection",
+		description: "Add a new field to a collection's schema. This adds a column to the database table. Field types: string (short text), text (long text), number (decimal), integer, boolean, datetime, select (single choice), multiSelect (multiple), portableText (rich text), image, file, reference (link to another collection), json, slug (URL-safe id). For select/multiSelect, provide choices in validation.options array.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug to add the field to"),
+			slug: z.string().regex(COLLECTION_SLUG_PATTERN).describe("Field identifier (lowercase letters, numbers, underscores)"),
+			label: z.string().describe("Display name for the field"),
+			type: z.enum([
+				"string",
+				"text",
+				"number",
+				"integer",
+				"boolean",
+				"datetime",
+				"select",
+				"multiSelect",
+				"portableText",
+				"image",
+				"file",
+				"reference",
+				"json",
+				"slug"
+			]).describe("Data type for this field"),
+			required: z.boolean().optional().describe("Whether the field is required (default false)"),
+			unique: z.boolean().optional().describe("Whether values must be unique (default false)"),
+			defaultValue: z.unknown().optional().describe("Default value for new items"),
+			validation: z.object({
+				min: z.number().optional(),
+				max: z.number().optional(),
+				minLength: z.number().optional(),
+				maxLength: z.number().optional(),
+				pattern: z.string().optional(),
+				options: z.array(z.string()).optional().describe("Allowed values for select/multiSelect")
+			}).optional().describe("Validation constraints"),
+			options: z.object({
+				collection: z.string().optional().describe("Target collection slug for reference fields"),
+				rows: z.number().optional().describe("Number of rows for textarea")
+			}).passthrough().optional().describe("Widget configuration"),
+			searchable: z.boolean().optional().describe("Include in full-text search index (default false)"),
+			translatable: z.boolean().optional().describe("Whether this field is translatable (default true). Non-translatable fields are synced across all locales in a translation group.")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "schema:write");
+		requireRole(extra, Role.ADMIN);
+		const ec = getDineway(extra);
+		try {
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			const field = await new SchemaRegistry(ec.db).createField(args.collection, {
+				slug: args.slug,
+				label: args.label,
+				type: args.type,
+				required: args.required,
+				unique: args.unique,
+				defaultValue: args.defaultValue,
+				validation: args.validation,
+				options: args.options,
+				searchable: args.searchable,
+				translatable: args.translatable
+			});
+			ec.invalidateManifest();
+			await logSchemaActivity(ec.db, actorLocals(getExtra(extra)), {
+				action: "field_created",
+				collection: args.collection,
+				field: field.slug,
+				...schemaMcpToolSource("field_created"),
+				summary: `Created field ${args.collection}.${field.slug}`,
+				detail: {
+					fieldType: args.type,
+					required: args.required === true,
+					searchable: args.searchable === true
+				}
+			});
+			return jsonResult(field);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("schema_delete_field", {
+		title: "Remove Field from Collection",
+		description: "Remove a field from a collection. This drops the column from the database table and deletes all data in that field. Irreversible.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			fieldSlug: z.string().describe("Field slug to remove"),
+			hitl_request_id: z.string().optional().describe("Approved HITL request id required for API-token destructive schema actions.")
+		}),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "schema:write");
+		requireRole(extra, Role.ADMIN);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		try {
+			const action = await new SchemaHitlPayloadBuilder(ec.db).buildDeleteFieldRequest({
+				collection: args.collection,
+				fieldSlug: args.fieldSlug
+			});
+			const decision = await new RiskPolicyEvaluator({
+				db: ec.db,
+				handlers: ec
+			}).evaluateWorkflowHitl({
+				actor,
+				hitlRequestId: args.hitl_request_id,
+				action
+			});
+			if (!decision.allowed) {
+				const { created, request } = await ensureWorkflowHitlRequest(extra, decision.action);
+				return jsonResult({
+					status: "hitl_required",
+					created,
+					message: decision.message,
+					request
+				});
+			}
+			const { SchemaRegistry } = await import("../../../schema-BNpI53of.mjs").then((n) => n.t);
+			await new SchemaRegistry(ec.db).deleteField(args.collection, args.fieldSlug);
+			ec.invalidateManifest();
+			await logSchemaActivity(ec.db, locals, {
+				action: "field_deleted",
+				collection: args.collection,
+				field: args.fieldSlug,
+				...schemaMcpToolSource("field_deleted"),
+				summary: `Deleted field ${args.collection}.${args.fieldSlug}`,
+				detail: { hitlRequestId: decision.required ? decision.hitlRequest.id : null }
+			});
+			return jsonResult({
+				deleted: args.fieldSlug,
+				collection: args.collection
+			});
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("media_list", {
+		title: "List Media",
+		description: "List uploaded media files (images, documents, etc.) with optional MIME type filtering and pagination. Returns file metadata including filename, URL, dimensions, and alt text.",
+		inputSchema: z.object({
+			mimeType: z.string().optional().describe("Filter by MIME type prefix (e.g. 'image/', 'application/pdf')"),
+			limit: z.number().int().min(1).max(100).optional().describe("Max items (default 50)"),
+			cursor: z.string().optional().describe("Pagination cursor")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "media:read");
+		return unwrap(await getDineway(extra).handleMediaList({
+			mimeType: args.mimeType,
+			limit: args.limit,
+			cursor: args.cursor
+		}));
+	});
+	server.registerTool("media_get", {
+		title: "Get Media Item",
+		description: "Get details of a single media file by its ID. Returns metadata including filename, MIME type, size, dimensions, alt text, and URL.",
+		inputSchema: z.object({ id: z.string().describe("Media item ID") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "media:read");
+		return unwrap(await getDineway(extra).handleMediaGet(args.id));
+	});
+	server.registerTool("media_update", {
+		title: "Update Media Metadata",
+		description: "Update the metadata of an uploaded media file. You can change the alt text, caption, and dimensions. The file itself cannot be changed.",
+		inputSchema: z.object({
+			id: z.string().describe("Media item ID"),
+			alt: z.string().optional().describe("Alt text for accessibility"),
+			caption: z.string().optional().describe("Caption text"),
+			width: z.number().int().optional().describe("Image width in pixels"),
+			height: z.number().int().optional().describe("Image height in pixels")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "media:write");
+		requireRole(extra, Role.AUTHOR);
+		const ec = getDineway(extra);
+		const existing = await ec.handleMediaGet(args.id);
+		if (!existing.success) return unwrap(existing);
+		const media = existing.data?.item;
+		requireOwnership(extra, typeof media?.authorId === "string" ? media.authorId : "", "media:edit_own", "media:edit_any");
+		return unwrap(await ec.handleMediaUpdate(args.id, {
+			alt: args.alt,
+			caption: args.caption,
+			width: args.width,
+			height: args.height
+		}));
+	});
+	server.registerTool("media_delete", {
+		title: "Delete Media",
+		description: "Permanently delete an uploaded media file. Removes the database record and the file from storage. Content referencing this media will have broken references. Cannot be undone.",
+		inputSchema: z.object({ id: z.string().describe("Media item ID") }),
+		annotations: { destructiveHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "media:write");
+		requireRole(extra, Role.AUTHOR);
+		const ec = getDineway(extra);
+		const existing = await ec.handleMediaGet(args.id);
+		if (!existing.success) return unwrap(existing);
+		const media = existing.data?.item;
+		requireOwnership(extra, typeof media?.authorId === "string" ? media.authorId : "", "media:delete_own", "media:delete_any");
+		return unwrap(await ec.handleMediaDelete(args.id));
+	});
+	server.registerTool("entity_resolve", {
+		title: "Resolve Entity",
+		description: "Resolve a fuzzy Dineway object reference into an exact content, collection, plugin, taxonomy, or menu target. Returns resolved, ambiguous, or not_found with deterministic tier ranking.",
+		inputSchema: z.object({
+			query: z.string().describe("Natural-language entity reference to resolve"),
+			entity_types: z.array(z.enum(ENTITY_RESOLVE_TYPES)).optional().describe("Restrict resolution to specific entity types"),
+			collection: z.string().regex(COLLECTION_SLUG_PATTERN).optional().describe("Optional content collection hint for content resolution"),
+			limit: z.number().int().min(1).max(20).optional().describe("Max candidates (default 5)")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireAnyScope(extra, [
+			"content:read",
+			"schema:read",
+			"admin"
+		]);
+		requireRole(extra, Role.SUBSCRIBER);
+		try {
+			const payload = getExtra(extra);
+			const entityTypes = allowedEntityResolveTypes(payload, args.entity_types);
+			if (entityTypes.length === 0) throw new McpError(ErrorCode.InvalidRequest, "No readable entity types are available for this token or role.");
+			return jsonResult(await new EntityResolver({
+				db: payload.dineway.db,
+				handlers: payload.dineway
+			}).resolve({
+				query: args.query,
+				entityTypes,
+				collection: args.collection,
+				limit: args.limit
+			}));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("search", {
+		title: "Search Content",
+		description: "Full-text search across content collections. Searches indexed fields for matching content. Collections must have 'search' in their supports list and fields must be marked as searchable. Returns collection, item ID, title, excerpt, and relevance score.",
+		inputSchema: z.object({
+			query: z.string().describe("Search query text"),
+			collections: z.array(z.string()).optional().describe("Limit search to specific collection slugs (all if omitted)"),
+			locale: z.string().optional().describe("Filter results by locale (omit to search all locales)"),
+			limit: z.number().int().min(1).max(50).optional().describe("Max results (default 20)")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		try {
+			const { searchWithDb } = await import("../../../search-DM6CVti3.mjs").then((n) => n.t);
+			return jsonResult(await searchWithDb(ec.db, args.query, {
+				collections: args.collections,
+				locale: args.locale,
+				limit: args.limit
+			}));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("taxonomy_list", {
+		title: "List Taxonomies",
+		description: "List all taxonomy definitions (e.g. categories, tags). Taxonomies are classification systems applied to content. Each has a name, label, and can be hierarchical (categories) or flat (tags).",
+		inputSchema: z.object({}),
+		annotations: { readOnlyHint: true }
+	}, async (_args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		try {
+			return jsonResult((await ec.db.selectFrom("_dineway_taxonomy_defs").selectAll().execute()).map((row) => ({
+				id: row.id,
+				name: row.name,
+				label: row.label,
+				labelSingular: row.label_singular ?? void 0,
+				hierarchical: row.hierarchical === 1,
+				collections: row.collections ? JSON.parse(row.collections) : []
+			})));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("taxonomy_list_terms", {
+		title: "List Taxonomy Terms",
+		description: "List terms in a taxonomy with pagination. Terms are individual entries (e.g. specific categories or tags). Hierarchical taxonomies can have parent-child relationships.",
+		inputSchema: z.object({
+			taxonomy: z.string().describe("Taxonomy name (e.g. 'categories', 'tags')"),
+			limit: z.number().int().min(1).max(100).optional().describe("Max items (default 50)"),
+			cursor: z.string().optional().describe("Pagination cursor")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		try {
+			const taxonomy = await ec.db.selectFrom("_dineway_taxonomy_defs").select("id").where("name", "=", args.taxonomy).executeTakeFirst();
+			if (!taxonomy) return errorResult(`Taxonomy '${args.taxonomy}' not found`);
+			const limit = Math.min(args.limit ?? 50, 100);
+			let query = ec.db.selectFrom("_dineway_taxonomy_terms").selectAll().where("taxonomy_id", "=", taxonomy.id).orderBy("label", "asc").limit(limit + 1);
+			if (args.cursor) query = query.where("id", ">", args.cursor);
+			const rows = await query.execute();
+			const hasMore = rows.length > limit;
+			const items = hasMore ? rows.slice(0, limit) : rows;
+			return jsonResult({
+				items,
+				nextCursor: hasMore ? items.at(-1)?.id : void 0
+			});
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("taxonomy_create_term", {
+		title: "Create Taxonomy Term",
+		description: "Create a new term in a taxonomy. For hierarchical taxonomies like categories, you can specify a parentId to create a child term.",
+		inputSchema: z.object({
+			taxonomy: z.string().describe("Taxonomy name (e.g. 'categories', 'tags')"),
+			slug: z.string().describe("URL-safe identifier for the term"),
+			label: z.string().describe("Display name"),
+			parentId: z.string().optional().describe("Parent term ID for hierarchical taxonomies"),
+			description: z.string().optional().describe("Description of the term")
+		})
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.EDITOR);
+		const ec = getDineway(extra);
+		try {
+			const { ulid } = await import("ulidx");
+			const taxonomy = await ec.db.selectFrom("_dineway_taxonomy_defs").select("id").where("name", "=", args.taxonomy).executeTakeFirst();
+			if (!taxonomy) return errorResult(`Taxonomy '${args.taxonomy}' not found`);
+			const id = ulid();
+			await ec.db.insertInto("_dineway_taxonomy_terms").values({
+				id,
+				taxonomy_id: taxonomy.id,
+				slug: args.slug,
+				label: args.label,
+				parent_id: args.parentId ?? null,
+				description: args.description ?? null
+			}).execute();
+			return jsonResult(await ec.db.selectFrom("_dineway_taxonomy_terms").selectAll().where("id", "=", id).executeTakeFirstOrThrow());
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("menu_list", {
+		title: "List Menus",
+		description: "List all navigation menus defined in the CMS. Menus are named navigation structures (e.g. 'main', 'footer') containing ordered items with labels, URLs, and optional nesting.",
+		inputSchema: z.object({}),
+		annotations: { readOnlyHint: true }
+	}, async (_args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		try {
+			return jsonResult(await ec.db.selectFrom("_dineway_menus").select([
+				"id",
+				"name",
+				"label",
+				"created_at",
+				"updated_at"
+			]).orderBy("name", "asc").execute());
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("menu_get", {
+		title: "Get Menu with Items",
+		description: "Get a menu by name including all its items in order. Items have a label, URL, type (custom/content/collection), and optional parent for nesting.",
+		inputSchema: z.object({ name: z.string().describe("Menu name (e.g. 'main', 'footer')") }),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		const ec = getDineway(extra);
+		try {
+			const menu = await ec.db.selectFrom("_dineway_menus").selectAll().where("name", "=", args.name).executeTakeFirst();
+			if (!menu) return errorResult(`Menu '${args.name}' not found`);
+			const items = await ec.db.selectFrom("_dineway_menu_items").selectAll().where("menu_id", "=", menu.id).orderBy("sort_order", "asc").execute();
+			return jsonResult({
+				...menu,
+				items
+			});
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("revision_list", {
+		title: "List Revisions",
+		description: "List revision history for a content item. Revisions are snapshots created on publish or update. Returns newest-first. Requires the collection to support 'revisions'.",
+		inputSchema: z.object({
+			collection: z.string().describe("Collection slug"),
+			id: z.string().describe("Content item ID or slug"),
+			limit: z.number().int().min(1).max(50).optional().describe("Max revisions (default 20)")
+		}),
+		annotations: { readOnlyHint: true }
+	}, async (args, extra) => {
+		requireScope(extra, "content:read");
+		requireDraftAccess(extra);
+		return unwrap(await getDineway(extra).handleRevisionList(args.collection, args.id, { limit: args.limit }));
+	});
+	server.registerTool("revision_restore", {
+		title: "Restore Revision",
+		description: "Restore a content item to a previous revision. Replaces the current draft with the specified revision's data. Not automatically published — use content_publish afterward if needed.",
+		inputSchema: z.object({ revisionId: z.string().describe("Revision ID to restore") })
+	}, async (args, extra) => {
+		requireScope(extra, "content:write");
+		requireRole(extra, Role.AUTHOR);
+		const { dineway, userId } = getExtra(extra);
+		const revision = await dineway.handleRevisionGet(args.revisionId);
+		if (!revision.success) return unwrap(revision);
+		const revItem = revision.data?.item;
+		if (!revItem?.collection || !revItem?.entryId) return errorResult("Revision is missing collection or entry reference");
+		const existing = await dineway.handleContentGet(revItem.collection, revItem.entryId);
+		if (!existing.success) return unwrap(existing);
+		requireOwnership(extra, extractContentAuthorId(existing.data), "content:edit_own", "content:edit_any");
+		return unwrap(await dineway.handleRevisionRestore(args.revisionId, userId));
+	});
+	server.registerTool("settings_get", {
+		title: "Get Site Settings",
+		description: "Get all site-wide settings including title, tagline, media references, canonical URL, date formatting, social links, and SEO defaults. Media references include resolved URLs when storage can resolve them.",
+		inputSchema: z.object({}),
+		annotations: { readOnlyHint: true }
+	}, async (_args, extra) => {
+		requireScope(extra, "admin");
+		requireRole(extra, Role.ADMIN);
+		const ec = getDineway(extra);
+		try {
+			const { handleSettingsGet } = await import("../../../settings-Bw93cLfe.mjs").then((n) => n.r);
+			return unwrap(await handleSettingsGet(ec.db, ec.storage));
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	server.registerTool("settings_update", {
+		title: "Update Site Settings",
+		description: "Update one or more site-wide settings. This is a partial update: omitted fields keep their existing values. Media references use { mediaId, alt? }.",
+		inputSchema: settingsMcpUpdateBody
+	}, async (args, extra) => {
+		requireScope(extra, "admin");
+		requireRole(extra, Role.ADMIN);
+		const payload = getExtra(extra);
+		const ec = payload.dineway;
+		const locals = actorLocals(payload);
+		const actor = resolveActorIdentity(locals);
+		const { hitl_request_id, ...settingsInput } = args;
+		try {
+			const action = await new SettingsHitlPayloadBuilder(ec.db).buildUpdateSettingsRequest(settingsInput);
+			const decision = await new RiskPolicyEvaluator({
+				db: ec.db,
+				handlers: ec
+			}).evaluateWorkflowHitl({
+				actor,
+				hitlRequestId: hitl_request_id,
+				action
+			});
+			if (!decision.allowed) {
+				const { created, request } = await ensureWorkflowHitlRequest(extra, decision.action);
+				return jsonResult({
+					status: "hitl_required",
+					created,
+					message: decision.message,
+					request
+				});
+			}
+			const { handleSettingsUpdate } = await import("../../../settings-Bw93cLfe.mjs").then((n) => n.r);
+			const result = await handleSettingsUpdate(ec.db, ec.storage, settingsInput);
+			if (!result.success) return unwrap(result);
+			await logSiteActivitySafely(ec.db, locals, {
+				actionType: "settings.updated",
+				subjectType: "site_settings",
+				subjectId: "site",
+				scope: "site",
+				sourceType: "mcp_tool",
+				sourceName: "settings_update",
+				summary: action.summary ?? "Updated site settings",
+				detail: {
+					changedKeys: Object.keys(settingsInput).toSorted(),
+					touchesSeo: Object.hasOwn(settingsInput, "seo"),
+					hitlRequestId: decision.required ? decision.hitlRequest.id : null
+				}
+			});
+			return unwrap(result);
+		} catch (error) {
+			return errorResult(error);
+		}
+	});
+	return server;
+}
+
+//#endregion
+//#region src/astro/routes/api/mcp.ts
+/**
+* MCP Streamable HTTP endpoint
+*
+* Exposes an MCP server at /_dineway/api/mcp using the Streamable HTTP
+* transport (Web Standard variant). The server runs stateless — each
+* request creates a fresh transport, so no session tracking is needed.
+* Authentication is handled by the existing Dineway auth middleware.
+*
+* POST /_dineway/api/mcp — JSON-RPC tool calls
+* GET  /_dineway/api/mcp — SSE stream (not used in stateless mode)
+* DELETE /_dineway/api/mcp — Session close (not used in stateless mode)
+*/
+const prerender = false;
+const POST = async ({ request, locals }) => {
+	const { dineway, user } = locals;
+	if (!dineway) return apiError("NOT_CONFIGURED", "Dineway is not initialized", 500);
+	if (!user) return apiError("UNAUTHORIZED", "Authentication required", 401);
+	const server = createMcpServer();
+	try {
+		const transport = new WebStandardStreamableHTTPServerTransport({ sessionIdGenerator: void 0 });
+		await server.connect(transport);
+		return await transport.handleRequest(request, { authInfo: {
+			token: "",
+			clientId: "dineway-admin",
+			scopes: [],
+			extra: {
+				dineway,
+				userId: user.id,
+				userRole: user.role,
+				tokenScopes: locals.tokenScopes,
+				authToken: locals.authToken
+			}
+		} });
+	} catch (error) {
+		console.error("[MCP]", error);
+		await server.close().catch(() => {});
+		return new Response(JSON.stringify({
+			jsonrpc: "2.0",
+			error: {
+				code: -32603,
+				message: "Internal server error"
+			},
+			id: null
+		}), {
+			status: 500,
+			headers: {
+				"Content-Type": "application/json",
+				"Cache-Control": "private, no-store"
+			}
+		});
+	}
+};
+/**
+* GET — SSE stream. Not used in stateless mode.
+*/
+const GET = async () => {
+	return new Response(JSON.stringify({
+		jsonrpc: "2.0",
+		error: {
+			code: -32e3,
+			message: "Method not allowed. This is a stateless MCP endpoint — use POST."
+		},
+		id: null
+	}), {
+		status: 405,
+		headers: {
+			"Content-Type": "application/json",
+			"Cache-Control": "private, no-store"
+		}
+	});
+};
+/**
+* DELETE — Session close. Not used in stateless mode.
+*/
+const DELETE = async () => {
+	return new Response(JSON.stringify({
+		jsonrpc: "2.0",
+		error: {
+			code: -32e3,
+			message: "Method not allowed. This is a stateless MCP endpoint."
+		},
+		id: null
+	}), {
+		status: 405,
+		headers: {
+			"Content-Type": "application/json",
+			"Cache-Control": "private, no-store"
+		}
+	});
+};
+
+//#endregion
+export { DELETE, GET, POST, prerender };