Current runtime status of this client's fleet: agents, launcher hosts, online/offline state, recent heartbeats, CPU/memory/disk, and deploy state. Read-only.

Active security policy plus the most recent security events (blocked IPs, threat scores, pipeline findings) for this client. Read-only.

limit: max number of recent events to return (1-500).

Recent request/operation traces the control plane recorded for this client's agents — what was proxied, what was acted on, and the outcome. Read-only.

limit: max number of trace entries (1-200).

A snapshot of the runtime truth graph: the authoritative relationships between hosts, agents, deployed services, and the policies governing them. This is the governed reality your agent should reason about before acting. Read-only.

Evaluate the deploy gate WITHOUT requesting a deploy: returns whether a proposed change would pass policy, and which checks gate it. Read-only — use this to reason before calling request_deploy.

summary: optional human description of the intended change.

Request a deploy. This does NOT deploy — it enqueues a deploy request into the control plane's human-approval queue and returns a request id plus the approval URL a human must visit to approve. This server cannot apply a deploy on its own.

summary: short description of what to deploy / why (required). details: optional longer context for the human approver.

Request remediation of a security finding or incident. Respects the client's blocked_categories and is human-approval-gated: it enqueues a remediation proposal, never auto-applies. Returns the proposal id and approval URL.

finding: id or description of what to remediate (required). action: 'propose' (default) to queue a proposal for approval.