PyPI - tradingcodex - Versions diffs - 0.1.0__py3-none-any.whl - Mend

tradingcodex 0.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (254) hide show

apps/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/audit/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/audit/admin.py ADDED Viewed

@@ -0,0 +1,6 @@
+from django.contrib import admin
+from apps.audit.models import AuditEvent
+admin.site.register(AuditEvent)

apps/audit/apps.py ADDED Viewed

@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+class AuditConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "apps.audit"
+    label = "audit"
+    verbose_name = "Audit Ledger"

apps/audit/migrations/0001_initial.py ADDED Viewed

@@ -0,0 +1,35 @@
+# Generated by Django 5.2.5 on 2026-06-12 16:32
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = [
+    ]
+    operations = [
+        migrations.CreateModel(
+            name='AuditEvent',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('actor_principal', models.CharField(default='system', max_length=128)),
+                ('source', models.CharField(default='service', max_length=32)),
+                ('action', models.CharField(max_length=160)),
+                ('resource', models.CharField(blank=True, max_length=255)),
+                ('decision', models.CharField(default='recorded', max_length=32)),
+                ('request_hash', models.CharField(blank=True, max_length=64)),
+                ('result_hash', models.CharField(blank=True, max_length=64)),
+                ('workspace_context', models.JSONField(blank=True, default=dict)),
+                ('payload', models.JSONField(blank=True, default=dict)),
+            ],
+            options={
+                'verbose_name': 'Audit event',
+                'verbose_name_plural': 'Audit events',
+                'ordering': ['-created_at', '-id'],
+            },
+        ),
+    ]

apps/audit/migrations/__init__.py ADDED Viewed

File without changes

apps/audit/models.py ADDED Viewed

@@ -0,0 +1,22 @@
+from django.db import models
+class AuditEvent(models.Model):
+    created_at = models.DateTimeField(auto_now_add=True)
+    actor_principal = models.CharField(max_length=128, default="system")
+    source = models.CharField(max_length=32, default="service")
+    action = models.CharField(max_length=160)
+    resource = models.CharField(max_length=255, blank=True)
+    decision = models.CharField(max_length=32, default="recorded")
+    request_hash = models.CharField(max_length=64, blank=True)
+    result_hash = models.CharField(max_length=64, blank=True)
+    workspace_context = models.JSONField(default=dict, blank=True)
+    payload = models.JSONField(default=dict, blank=True)
+    class Meta:
+        ordering = ["-created_at", "-id"]
+        verbose_name = "Audit event"
+        verbose_name_plural = "Audit events"
+    def __str__(self) -> str:
+        return f"{self.created_at:%Y-%m-%d %H:%M:%S} {self.action}"

apps/harness/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/harness/admin.py ADDED Viewed

@@ -0,0 +1,6 @@
+from django.contrib import admin
+from apps.harness.models import WorkspaceContext
+admin.site.register(WorkspaceContext)

apps/harness/apps.py ADDED Viewed

@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+class HarnessConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "apps.harness"
+    label = "harness"
+    verbose_name = "Harness Operations"

apps/harness/migrations/0001_initial.py ADDED Viewed

@@ -0,0 +1,35 @@
+# Generated by Django 5.2.5 on 2026-06-12 16:32
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = [
+    ]
+    operations = [
+        migrations.CreateModel(
+            name='WorkspaceContext',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('workspace_id', models.CharField(max_length=80, unique=True)),
+                ('path_hash', models.CharField(max_length=64, unique=True)),
+                ('project_name', models.CharField(max_length=180)),
+                ('path', models.CharField(max_length=1024)),
+                ('git_remote', models.CharField(blank=True, max_length=512)),
+                ('git_branch', models.CharField(blank=True, max_length=180)),
+                ('active_profile', models.JSONField(blank=True, default=dict)),
+                ('metadata', models.JSONField(blank=True, default=dict)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('last_seen_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'Workspace context',
+                'verbose_name_plural': 'Workspace contexts',
+                'ordering': ['project_name', 'id'],
+            },
+        ),
+    ]

apps/harness/migrations/__init__.py ADDED Viewed

File without changes

apps/harness/models.py ADDED Viewed

@@ -0,0 +1,22 @@
+from django.db import models
+class WorkspaceContext(models.Model):
+    workspace_id = models.CharField(max_length=80, unique=True)
+    path_hash = models.CharField(max_length=64, unique=True)
+    project_name = models.CharField(max_length=180)
+    path = models.CharField(max_length=1024)
+    git_remote = models.CharField(max_length=512, blank=True)
+    git_branch = models.CharField(max_length=180, blank=True)
+    active_profile = models.JSONField(default=dict, blank=True)
+    metadata = models.JSONField(default=dict, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    last_seen_at = models.DateTimeField(auto_now=True)
+    class Meta:
+        ordering = ["project_name", "id"]
+        verbose_name = "Workspace context"
+        verbose_name_plural = "Workspace contexts"
+    def __str__(self) -> str:
+        return f"{self.project_name} {self.workspace_id}"

apps/harness/templatetags/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/integrations/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/integrations/admin.py ADDED Viewed

@@ -0,0 +1,6 @@
+from django.contrib import admin
+from apps.integrations.models import AdapterDefinition
+admin.site.register(AdapterDefinition)

apps/integrations/apps.py ADDED Viewed

@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+class IntegrationsConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "apps.integrations"
+    label = "integrations"
+    verbose_name = "Integrations"

apps/integrations/migrations/0001_initial.py ADDED Viewed

@@ -0,0 +1,29 @@
+# Generated by Django 5.2.5 on 2026-06-12 16:32
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = [
+    ]
+    operations = [
+        migrations.CreateModel(
+            name='AdapterDefinition',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('adapter_id', models.CharField(max_length=120, unique=True)),
+                ('kind', models.CharField(default='execution', max_length=64)),
+                ('enabled', models.BooleanField(default=False)),
+                ('live', models.BooleanField(default=False)),
+                ('config', models.JSONField(blank=True, default=dict)),
+            ],
+            options={
+                'verbose_name': 'Adapter definition',
+                'verbose_name_plural': 'Adapter definitions',
+            },
+        ),
+    ]

apps/integrations/migrations/__init__.py ADDED Viewed

File without changes

apps/integrations/models.py ADDED Viewed

@@ -0,0 +1,16 @@
+from django.db import models
+class AdapterDefinition(models.Model):
+    adapter_id = models.CharField(max_length=120, unique=True)
+    kind = models.CharField(max_length=64, default="execution")
+    enabled = models.BooleanField(default=False)
+    live = models.BooleanField(default=False)
+    config = models.JSONField(default=dict, blank=True)
+    class Meta:
+        verbose_name = "Adapter definition"
+        verbose_name_plural = "Adapter definitions"
+    def __str__(self) -> str:
+        return self.adapter_id

apps/integrations/services.py ADDED Viewed

@@ -0,0 +1,31 @@
+from __future__ import annotations
+from typing import Any
+from django.db.models import QuerySet
+from apps.integrations.models import AdapterDefinition
+def enable_non_live_adapters(queryset: QuerySet[AdapterDefinition], actor: str = "admin") -> int:
+    count = queryset.filter(live=False).update(enabled=True)
+    _audit("adapter.enabled_non_live", {"count": count}, actor)
+    return count
+def disable_adapters(queryset: QuerySet[AdapterDefinition], actor: str = "admin") -> int:
+    count = queryset.update(enabled=False)
+    _audit("adapter.disabled", {"count": count}, actor)
+    return count
+def disable_live_adapters(queryset: QuerySet[AdapterDefinition], actor: str = "admin") -> int:
+    count = queryset.filter(live=True).update(enabled=False)
+    _audit("adapter.live_disabled", {"count": count}, actor)
+    return count
+def _audit(action: str, payload: dict[str, Any], actor: str) -> None:
+    from tradingcodex_service.application.audit import write_audit_event_if_available
+    write_audit_event_if_available(None, actor, "admin", {"type": action, "payload": payload})

apps/mcp/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+

apps/mcp/admin.py ADDED Viewed

@@ -0,0 +1,20 @@
+from django.contrib import admin
+from apps.mcp.models import (
+    McpExternalTool,
+    McpExternalToolCall,
+    McpExternalToolPermission,
+    McpRouter,
+    McpToolCall,
+    McpToolDefinition,
+)
+admin.site.register([
+    McpToolDefinition,
+    McpToolCall,
+    McpRouter,
+    McpExternalTool,
+    McpExternalToolPermission,
+    McpExternalToolCall,
+])

apps/mcp/apps.py ADDED Viewed

@@ -0,0 +1,8 @@
+from django.apps import AppConfig
+class McpConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "apps.mcp"
+    label = "mcp"
+    verbose_name = "MCP Gateway"

apps/mcp/migrations/0001_initial.py ADDED Viewed

@@ -0,0 +1,168 @@
+# Generated by Django 5.2.5 on 2026-06-12 16:32
+import django.db.models.deletion
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = [
+    ]
+    operations = [
+        migrations.CreateModel(
+            name='McpExternalTool',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('primitive', models.CharField(default='tool', max_length=32)),
+                ('external_name', models.CharField(max_length=200)),
+                ('description', models.TextField(blank=True)),
+                ('input_schema', models.JSONField(blank=True, default=dict)),
+                ('output_schema', models.JSONField(blank=True, default=dict)),
+                ('schema_hash', models.CharField(blank=True, max_length=64)),
+                ('category', models.CharField(default='unknown', max_length=64)),
+                ('risk_level', models.CharField(default='unknown', max_length=32)),
+                ('sensitivity', models.CharField(default='unknown', max_length=32)),
+                ('canonical_capability', models.CharField(blank=True, max_length=160)),
+                ('proxy_mode', models.CharField(default='blocked', max_length=32)),
+                ('allowed_roles', models.JSONField(blank=True, default=list)),
+                ('conditions', models.JSONField(blank=True, default=dict)),
+                ('enabled', models.BooleanField(default=False)),
+                ('review_status', models.CharField(default='review_required', max_length=32)),
+                ('drift_detected', models.BooleanField(default=False)),
+                ('last_seen_at', models.DateTimeField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'external MCP tool',
+                'verbose_name_plural': 'external MCP tools',
+                'ordering': ['router__name', 'primitive', 'external_name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='McpRouter',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=160, unique=True)),
+                ('label', models.CharField(blank=True, max_length=160)),
+                ('transport', models.CharField(default='stdio', max_length=32)),
+                ('command', models.TextField(blank=True)),
+                ('url', models.URLField(blank=True)),
+                ('args', models.JSONField(blank=True, default=list)),
+                ('env', models.JSONField(blank=True, default=dict)),
+                ('credential_ref', models.CharField(blank=True, max_length=255)),
+                ('trust_level', models.CharField(default='unreviewed', max_length=32)),
+                ('enabled', models.BooleanField(default=False)),
+                ('last_status', models.CharField(default='not_checked', max_length=32)),
+                ('last_error', models.TextField(blank=True)),
+                ('last_checked_at', models.DateTimeField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'MCP router',
+                'verbose_name_plural': 'MCP routers',
+                'ordering': ['name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='McpToolCall',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('tool_name', models.CharField(max_length=160)),
+                ('principal_id', models.CharField(default='unknown', max_length=128)),
+                ('status', models.CharField(default='recorded', max_length=32)),
+                ('request', models.JSONField(blank=True, default=dict)),
+                ('response', models.JSONField(blank=True, default=dict)),
+                ('workspace_context', models.JSONField(blank=True, default=dict)),
+                ('request_hash', models.CharField(blank=True, max_length=64)),
+                ('result_hash', models.CharField(blank=True, max_length=64)),
+                ('error', models.TextField(blank=True)),
+                ('duration_ms', models.PositiveIntegerField(default=0)),
+            ],
+            options={
+                'verbose_name': 'MCP tool call',
+                'verbose_name_plural': 'MCP tool calls',
+                'ordering': ['-created_at', '-id'],
+            },
+        ),
+        migrations.CreateModel(
+            name='McpToolDefinition',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=160, unique=True)),
+                ('description', models.TextField(blank=True)),
+                ('category', models.CharField(default='general', max_length=64)),
+                ('capability_required', models.CharField(blank=True, max_length=160)),
+                ('input_schema', models.JSONField(blank=True, default=dict)),
+                ('risk_level', models.CharField(default='read', max_length=32)),
+                ('allowed_roles', models.JSONField(blank=True, default=list)),
+                ('requires_approval', models.BooleanField(default=False)),
+                ('audit_required', models.BooleanField(default=True)),
+                ('experimental', models.BooleanField(default=False)),
+                ('enabled', models.BooleanField(default=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'MCP tool definition',
+                'verbose_name_plural': 'MCP tool definitions',
+            },
+        ),
+        migrations.CreateModel(
+            name='McpExternalToolCall',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('router_name', models.CharField(max_length=160)),
+                ('external_name', models.CharField(max_length=200)),
+                ('principal_id', models.CharField(default='unknown', max_length=128)),
+                ('proxy_mode', models.CharField(default='blocked', max_length=32)),
+                ('decision', models.CharField(default='denied', max_length=32)),
+                ('reasons', models.JSONField(blank=True, default=list)),
+                ('request', models.JSONField(blank=True, default=dict)),
+                ('response', models.JSONField(blank=True, default=dict)),
+                ('request_hash', models.CharField(blank=True, max_length=64)),
+                ('result_hash', models.CharField(blank=True, max_length=64)),
+                ('workspace_context', models.JSONField(blank=True, default=dict)),
+                ('external_tool', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='calls', to='mcp.mcpexternaltool')),
+            ],
+            options={
+                'verbose_name': 'external MCP tool call',
+                'verbose_name_plural': 'external MCP tool calls',
+                'ordering': ['-created_at', '-id'],
+            },
+        ),
+        migrations.AddField(
+            model_name='mcpexternaltool',
+            name='router',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='external_tools', to='mcp.mcprouter'),
+        ),
+        migrations.CreateModel(
+            name='McpExternalToolPermission',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('principal_or_role', models.CharField(max_length=128)),
+                ('capability', models.CharField(blank=True, max_length=160)),
+                ('decision', models.CharField(default='allow', max_length=16)),
+                ('conditions', models.JSONField(blank=True, default=dict)),
+                ('enabled', models.BooleanField(default=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('external_tool', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='permissions', to='mcp.mcpexternaltool')),
+            ],
+            options={
+                'verbose_name': 'external MCP permission',
+                'verbose_name_plural': 'external MCP permissions',
+                'ordering': ['external_tool__external_name', 'principal_or_role'],
+                'constraints': [models.UniqueConstraint(fields=('external_tool', 'principal_or_role', 'capability'), name='unique_external_mcp_permission')],
+            },
+        ),
+        migrations.AddConstraint(
+            model_name='mcpexternaltool',
+            constraint=models.UniqueConstraint(fields=('router', 'primitive', 'external_name'), name='unique_external_mcp_primitive'),
+        ),
+    ]

apps/mcp/migrations/__init__.py ADDED Viewed

File without changes

apps/mcp/models.py ADDED Viewed

@@ -0,0 +1,154 @@
+from django.db import models
+class McpToolDefinition(models.Model):
+    name = models.CharField(max_length=160, unique=True)
+    description = models.TextField(blank=True)
+    category = models.CharField(max_length=64, default="general")
+    capability_required = models.CharField(max_length=160, blank=True)
+    input_schema = models.JSONField(default=dict, blank=True)
+    risk_level = models.CharField(max_length=32, default="read")
+    allowed_roles = models.JSONField(default=list, blank=True)
+    requires_approval = models.BooleanField(default=False)
+    audit_required = models.BooleanField(default=True)
+    experimental = models.BooleanField(default=False)
+    enabled = models.BooleanField(default=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    class Meta:
+        verbose_name = "MCP tool definition"
+        verbose_name_plural = "MCP tool definitions"
+    def __str__(self) -> str:
+        return self.name
+class McpToolCall(models.Model):
+    created_at = models.DateTimeField(auto_now_add=True)
+    tool_name = models.CharField(max_length=160)
+    principal_id = models.CharField(max_length=128, default="unknown")
+    status = models.CharField(max_length=32, default="recorded")
+    request = models.JSONField(default=dict, blank=True)
+    response = models.JSONField(default=dict, blank=True)
+    workspace_context = models.JSONField(default=dict, blank=True)
+    request_hash = models.CharField(max_length=64, blank=True)
+    result_hash = models.CharField(max_length=64, blank=True)
+    error = models.TextField(blank=True)
+    duration_ms = models.PositiveIntegerField(default=0)
+    class Meta:
+        ordering = ["-created_at", "-id"]
+        verbose_name = "MCP tool call"
+        verbose_name_plural = "MCP tool calls"
+    def __str__(self) -> str:
+        return f"{self.tool_name} {self.status}"
+class McpRouter(models.Model):
+    name = models.CharField(max_length=160, unique=True)
+    label = models.CharField(max_length=160, blank=True)
+    transport = models.CharField(max_length=32, default="stdio")
+    command = models.TextField(blank=True)
+    url = models.URLField(blank=True)
+    args = models.JSONField(default=list, blank=True)
+    env = models.JSONField(default=dict, blank=True)
+    credential_ref = models.CharField(max_length=255, blank=True)
+    trust_level = models.CharField(max_length=32, default="unreviewed")
+    enabled = models.BooleanField(default=False)
+    last_status = models.CharField(max_length=32, default="not_checked")
+    last_error = models.TextField(blank=True)
+    last_checked_at = models.DateTimeField(null=True, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    class Meta:
+        ordering = ["name"]
+        verbose_name = "MCP router"
+        verbose_name_plural = "MCP routers"
+    def __str__(self) -> str:
+        return self.label or self.name
+class McpExternalTool(models.Model):
+    router = models.ForeignKey(McpRouter, on_delete=models.CASCADE, related_name="external_tools")
+    primitive = models.CharField(max_length=32, default="tool")
+    external_name = models.CharField(max_length=200)
+    description = models.TextField(blank=True)
+    input_schema = models.JSONField(default=dict, blank=True)
+    output_schema = models.JSONField(default=dict, blank=True)
+    schema_hash = models.CharField(max_length=64, blank=True)
+    category = models.CharField(max_length=64, default="unknown")
+    risk_level = models.CharField(max_length=32, default="unknown")
+    sensitivity = models.CharField(max_length=32, default="unknown")
+    canonical_capability = models.CharField(max_length=160, blank=True)
+    proxy_mode = models.CharField(max_length=32, default="blocked")
+    allowed_roles = models.JSONField(default=list, blank=True)
+    conditions = models.JSONField(default=dict, blank=True)
+    enabled = models.BooleanField(default=False)
+    review_status = models.CharField(max_length=32, default="review_required")
+    drift_detected = models.BooleanField(default=False)
+    last_seen_at = models.DateTimeField(null=True, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    class Meta:
+        ordering = ["router__name", "primitive", "external_name"]
+        constraints = [
+            models.UniqueConstraint(fields=["router", "primitive", "external_name"], name="unique_external_mcp_primitive")
+        ]
+        verbose_name = "external MCP tool"
+        verbose_name_plural = "external MCP tools"
+    def __str__(self) -> str:
+        return f"{self.router.name}:{self.external_name}"
+class McpExternalToolPermission(models.Model):
+    external_tool = models.ForeignKey(McpExternalTool, on_delete=models.CASCADE, related_name="permissions")
+    principal_or_role = models.CharField(max_length=128)
+    capability = models.CharField(max_length=160, blank=True)
+    decision = models.CharField(max_length=16, default="allow")
+    conditions = models.JSONField(default=dict, blank=True)
+    enabled = models.BooleanField(default=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    class Meta:
+        ordering = ["external_tool__external_name", "principal_or_role"]
+        constraints = [
+            models.UniqueConstraint(
+                fields=["external_tool", "principal_or_role", "capability"],
+                name="unique_external_mcp_permission",
+            )
+        ]
+        verbose_name = "external MCP permission"
+        verbose_name_plural = "external MCP permissions"
+    def __str__(self) -> str:
+        return f"{self.external_tool.external_name} {self.principal_or_role} {self.decision}"
+class McpExternalToolCall(models.Model):
+    created_at = models.DateTimeField(auto_now_add=True)
+    external_tool = models.ForeignKey(McpExternalTool, on_delete=models.SET_NULL, null=True, blank=True, related_name="calls")
+    router_name = models.CharField(max_length=160)
+    external_name = models.CharField(max_length=200)
+    principal_id = models.CharField(max_length=128, default="unknown")
+    proxy_mode = models.CharField(max_length=32, default="blocked")
+    decision = models.CharField(max_length=32, default="denied")
+    reasons = models.JSONField(default=list, blank=True)
+    request = models.JSONField(default=dict, blank=True)
+    response = models.JSONField(default=dict, blank=True)
+    request_hash = models.CharField(max_length=64, blank=True)
+    result_hash = models.CharField(max_length=64, blank=True)
+    workspace_context = models.JSONField(default=dict, blank=True)
+    class Meta:
+        ordering = ["-created_at", "-id"]
+        verbose_name = "external MCP tool call"
+        verbose_name_plural = "external MCP tool calls"
+    def __str__(self) -> str:
+        return f"{self.router_name}:{self.external_name} {self.decision}"