Foundation · 2026-07-14
Governed MCP vertical slice
Provider-neutral identity, OAuth consent, connector snapshots, scoped grants, fail-closed audit, guardrails, signed CloudEvents webhooks, the Security Center, and private assurance evidence are implemented and locally verified.
- The deployment contract fixes production at two cross-AZ tasks per service without a runtime SLA or service flag; no contractual uptime SLA is claimed.
- Named SaaS connector adapters remain subject to certification before production support claims.
- SOC 2, ISO 27001, penetration testing, and production migration evidence are not yet independently complete.